Concur Invoice Professional Edition Administration Help

June 2018 Request Professional Edition Admin Summary

Update #1

Request

Change Log Now Logging When a Delegate Is Assigned

When a user adds a delegate, the act of adding will leave an audit trail. The steps for adding a delegate are unchanged and this change includes delegates that are added using the user interface, a flat file import or an Excel import. This change is only for adding delegates, not for removing them.

Business Purpose / Client Benefit: This change enhances audit capabilities.

End of Support for TLS 1.0 Email – Targeted for Wednesday, 27 June 2018

In 2017, SAP Concur announced that it would end support for version 1.0 of the TLS encryption protocol.

Be aware that – targeted for Wednesday, 27 June 2018 – SAP Concur will disable the ability to accept incoming email via TLS 1.0 connectivity for plans@concurtravel.com and plans@tripit.com.

There should be very little customer impact since the vast majority of customers have already disabled the ability to send email via the TLS 1.0 protocol.

**Reminder** New Cookie Consent Process

Europe has very specific user-consent requirements for cookies. There are two types of consent when allowing cookies to be saved on the user's computer. As described on the following pages, each country decides which option to use. The options are:

  • Active consent: The user actively agrees to allow cookies. In this case, SAP Concur is required to obtain user consent before saving any cookies on a user's computer.
  • Passive consent: The user does not disallow cookies.

Each country decides which option it wants to use.

Business Purpose / Client Benefit: These changes keep SAP Concur in compliance with global privacy requirements.

**Reminder** Whitelist for TrustArc.com

The May release notes included an item named New Cookie Preferences Link in the SAP Concur Footer. It describes cookie-related process changes that were introduced in the May 12 release because of specific consent regulations in Europe.

To ensure that SAP Concur properly responds to the regulations, SAP Concur has enlisted the assistance of TrustArc, a global privacy and data governance provider. Please ensure that your organisation's IT (or similar) department adds TrustArc to its whitelist, so TrustArc can properly monitor and manage these processes.

TrustArc must be whitelisted by domain – not IP – since the IP is variable. Please whitelist these domains:

  • trustarc.com
  • prefmgr-cookie.truste-svc.net

Business Purpose / Client Benefit: Whitelisting ensures that TrustArc has the proper access to manage consent regulations on behalf of SAP Concur.

SAP Concur Platform

Callout Server Requirements Update

SAP Concur is upgrading the servers that support the SAP Concur Platform Callouts. This maintenance includes the Production Proxy Migration (North America Data Centre only) and PWS Server Migration to VM (EMEA and North American Data Centres only). The PWS Server Migration to VM was completed on 2 May, 2018. The Production Proxy Migration began on 9 May 2018, and will be completed in a future release.

These servers support the following functionality:

  • Fetch Attendee Data Callout
  • Fetch List Item Callout
  • Event Notification Callout
  • Launch External URL Callout
  • Concur Salesforce Connector

Be aware that this maintenance means that for any customer callout URLs, SAP Concur has the following requirements:

  • The endpoint is secured with SSL/TLS.
  • The endpoint uses a minimum of TLS 1.0, but TLS 1.2 is preferred.
  • The endpoint must employ Diffie-Hellman cipher suites with key sizes >1024 bits.
  • Due to the ever-evolving world of SSL and standards, we do not publish a specific list of permitted cipher suites, but we generally advise that a modern industry supported list is utilised.
  • The endpoint must present an SSL certificate with a chain to a valid root that can be verified. If the chain cannot be verified without installing additional certificates, the calls from SAP Concur will fail.
  • Clients who whitelist access for Concur callout traffic from the North America Data Centre (not common) may need to update their access control list (ACL) to IP 12.129.29.86.

Business Purpose / Client Benefit: This maintenance will mitigate the out-of-warranty issue with our current hardware.

Planned Changes

The items in this section are targeted for future releases. Concur reserves the right to postpone implementation of – or completely remove – any enhancement/change mentioned here.

**Planned Changes** Concur Request APIs v4.0

Concur will soon be releasing Concur Request APIs v4.0. We are targeting to release v4.0 in July 2018.

With v4.0, Concur will be exposing new Request endpoints, providing the ability for a client and/or a partner to interact with Concur Request to do the following:

  • Get the detailed information about existing authorisation requests

  • Read, create, delete or update an existing request

  • Move an existing authorisation request through the approval flow with one of the following available actions: submit, approve, recall, cancel, close or reopen

  • Get the list of expected expenses in a request

  • Read, create, delete or update an expected expense for a request

  • Get information from a travel agency office

When Concur Request APIs v4.0 is released, additional information about v4.0 will be available in the Developer Platform Release Notes: https://developer.concur.com/tools-support/release-notes/index.html (English Only)

Background: SAP is continuing to invest heavily in APIs and tools to simplify end-to-end integration.

At SAP Concur, we strongly believe that an open ecosystem expands your view. An open ecosystem dynamically connects your internal systems, spend and partner data to reveal powerful insights that empower you to run your business better.

Explore the capabilities listed in the Overview section and consider how the APIs could help you simplify some of your existing processes, such as:

  • Automatically creating a Concur Travel Request for any off-site training approved through your Human Resources system

  • Exposing authorisation requests pending approvals onto your internal corporate portal “Manager” widget

We are also planning on adding additional API capabilities in a future release.

Permissions: In addition to the existing user-level permissions, the Concur Request APIs v4.0 will be managing the authorisation for company-level permissions. This will allow our clients and/or partners to use a single token/permission to interact with Request on behalf of all company users.

Business Purpose / Client Benefit: These enhancements will provide more options for developers using Concur's Platform with Request.

**Planned Changes** Personalised Concur Open

Concur Open is the SAP Concur real-time service status dashboard, which displays outages and incidents for select SAP Concur services and all data centres. Concur Open displays the current service status as well as incident history for the past 20 days.

In a future release, there will be new functionality added to Concur Open. Users will continue to access Concur Open and view Concur service availability. However, in addition, SAP Concur users will be able to log in to Concur Open and:

  • View service status for the services and the data centre specific to their company
  • Access subscription options for updates about the incidents that affect the services specific to their company
  • View service history for the past two years, including detailed root cause analysis information and the actions taken by SAP Concur for each incident

Business Purpose / Client Benefit: Customers use Concur Open to monitor their SAP Concur services outages, status and availability. Adding this new functionality will provide customers a personalised view of their service status and availability. SAP Concur's goal is to provide a more accurate and transparent view of incidents/outages.

**Planned Changes** Processor Privacy Statement Link in Online Help – Targeted for July

The Processor Privacy Statement link is available in the SAP Concur footer.

However, not all pages in SAP Concur display the footer. In this case, the user can return to the Home page and click the Processor Privacy Statement link there.

Also – targeted for July – SAP Concur will add the Processor Privacy Statement link to online Help.

**Planned Changes** Support for Plain Text FTP to End on 1 September, 2018

SAP Concur announced the End of Support for plain text FTP to transfer data to and from SAP Concur.

Plain text FTP is not a secured protocol and has inherent security vulnerabilities. On 1 September, 2018, SAP Concur Operations will apply a security update to our File Transfer infrastructure, restricting the use of plain text FTP as a part of our ongoing commitment to securing our customers’ data and meeting the audited security requirements of the SAP Concur Trust Platform.

For more information, refer to the Plain Text FTP Retirement FAQ (English Only).

What This Means – The Client Experience: After 1 September, 2018, uploads of file types such as Employee, List, Attendee and other Import files, as well as downloads of SAE and other Extract files that use Plain Text FTP, will not be accepted via SAP Concur’s Filemover system. This will significantly impact client usage of SAP Concur products such as Concur Travel, Concur Expense and Concur Invoice, as well as integration activities to customers’ financial systems. There will be no exceptions beyond 1 September, 2018.

Client Notifications

SAP Concur Non-Affiliated Subprocessors

The list of non-affiliated subprocessors is available here: SAP Concur list of Subprocessors (English Only)

Monthly Browser Certifications

Monthly browser certifications, both current and planned, are available with the other SAP Concur monthly release notes, accessible from What's New - Professional Edition