How to Test SuccessFactors API with Postman?

Testing APIs is a crucial step in integrating and troubleshooting enterprise applications, and SAP SuccessFactors is no exception. Recently, I was tasked with building an integration with SuccessFactors, so I had to test the API first. Since I am a technical consultant, I work with many different tools, but I had never worked with SuccessFactors API before. That’s when I turned to Postman. If you’re wondering how to test SuccessFactors API with Postman, this guide will walk you through the process – from setting up Postman and authenticating requests to making API calls. By the end, you’ll be able to validate data, debug integrations, and ensure smooth communication between systems. Let’s dive in!

What is OData API in SuccessFactors?

OData (Open Data Protocol) API in SuccessFactors is a RESTful API that allows users to interact with SuccessFactors data using standard HTTP methods (GET, POST, PUT, DELETE). It enables seamless integration with external applications by providing a structured way to query, update, and manipulate HR data. OData API supports filtering, sorting, and pagination, making it efficient for handling large datasets. It is widely used for reporting, automation, and syncing HR data across systems.

Prerequisites: API User and Permissions

The first thing that has to be done is to create a technical user and assign proper permission role to this user. If the API user should only have rights to read data, we should give him view permissions through Manage Permission Roles:

This permission role should be assigned to API user.

If you want to give permission to only specific data entities, you should give the following permission to user, and select which items can be accessed:

NOTE: Have in mind that the following permission gives access to some compensation-related data:

How to Test SuccessFactors API with Postman?

Integrating SAP SuccessFactors with external applications often requires secure access to its OData API. OAuth 2.0, an industry-standard protocol for authorization, provides a robust solution to manage authentication and access control. In this guide, we will walk through the process of setting up OAuth 2.0 authentication in Postman to connect with the SAP SuccessFactors OData API. Whether you’re building server-to-server integrations or enabling user-specific access, OAuth 2.0 ensures your API requests are secure and compliant.

To start using OAuth, you must first create an OAuth client in SAP SuccessFactors. Search for Manage OAuth2 Client Applications:

Click on Register Client Application:

The following screen will appear. Make sure you fill in mandatory fields (Application Name and Application URL). Company will be automatically filled based on current environment. Make sure that you bind the application with the correct API user. After that, click on Generate X.509 Certificate:

NOTE: You can find the list of SAP SuccessFactors API servers here: https://help.sap.com/docs/SAP_SUCCESSFACTORS_PLATFORM/d599f15995d348a1b45ba5603e2aba9b/af2b8d5437494b12be88fe374eba75b6.html?locale=en-US

Fill the Common Name field and click on Generate to generate the certificate:

The certificate will be generated. Make sure you download it to your local machine and then click on Register to register the application:

Setting up Postman for OAuth

First thing you have to do is to create a new environment by clicking on + sign in the Environments section.

Fill in the new environment name (e.g. SuccessFactorsOAUTH or something similar):

Create the following variables, so we can use them later when we will send the requests to SF API:

• user_id – this is the user ID we will use to access the API
• token_url – this is the same URL as your endpoint, but ends with /oauth/token
• private_key – you will find this key in the certificate file that you downloaded earlier. Open the file in any text editor, and copy the string between „BEGIN ENCRYPTED PRIVATE KEY“ and „END ENCRYPTED PRIVATE KEY“:

• grant_type – use the value urn:ietf:params:oauth:grant-type:saml2-bearer as shown on the following image
• Content-Type – use the value application/x-www-form-urlencoded as shown on the following image:

• company_id – this is the company ID of your SuccessFactors instance
• client_id – this is the API Key you see when you click on View next to the application you just registered in SuccessFactors (under Manage OAuth2 Client Applications):

We will use these variables in our API requests, so we don’t have to type them manually in every request.

SuccessFactors Assertion Token

Next step is to create a request that will give us the assertion token which will be used to get the access token.

Go to Collections section in Postman and create a new blank collection:

You can also call it SuccessFactorsOAUTH:

Select the collection you want to work with and click on New to create a new API request:

Make sure you select the HTTP option:

The first step is to get the assertion token. Name you request Assertion Token or something similar. Make sure you use the POST method and that you type in proper URL based on your API endpoint. It must end with /oauth/idp. In my case it’s https://api55.sapsf.eu/oauth/idp:

Now let’s use the variables that we created earlier. Go to Body section and choose the value x-www-form-urlencoded:

Next step is to add the keys that will be used in our API call. We will take the values from variables created during the creation of our environment:

Now, when you click on Send, the system will send a request to our API and give us the assertion token as a response:

Use the following button to copy the assertion token. We will use it in the next step to get the access token:

NOTE: Make sure you have proper enviroment selected when you send the request, since you can have multiple enviroments created in Postman:

Also make sure you are using No Auth authorization type:

SuccessFactors Access Token

Next step is to obtain the access token. Create a new request in your collection, but this time you will use another URL that ends with /oauth/token:

Go to Body section and select the value x-www-form-urlencoded, same way as you did in the previous section:

Enter the following keys and their values (make sure you replace the assertion token with the one you received in the previous step):

When you click send, you will finally receive a bearer token that we will use in the next step:

NOTE: An access token expires within 24 hours after it’s generated.

Requesting data from SuccessFactors via Odata API and OAuth 2.0:

Next step is to get the data from SuccessFactors. Create a new request, but this time select the GET method. You can use the following URL to get the employment-related data: https://api55.sapsf.eu/odata/v2/EmpEmployment?$format=json

Go to Authorization section and select Bearer Token as authorization type. Replace Token value with the one you received in the previous step:

When you click send, after a few seconds you should get status 200 OK, together with the response:

If you want to expand the data entity with connected data entities, you should use the expand function and type in connected entities that you need, each one separated by comma:

If you want to filter the data, you can use the filter function:

With Postman configured, you’re now ready to start making API requests and building integrations with SAP SuccessFactors.

NOTE: SuccessFactors is using Unix Timestamp Format, that looks like this:  “applicationDate”: “/Date(1487092163000+0000)/”. It can be converted on: https://www.epochconverter.com/

Finding SuccessFactors Endpoints

To find the correct OData API endpoints in SAP SuccessFactors, it’s essential to have access to the system documentation and tools that allow you to explore available API services and metadata. Below are some of the best ways to discover the proper endpoints:

SAP SuccessFactors API Reference Guide (Odata V2)

You can use the following links to find the endpoint you need for your integrations:

https://help.sap.com/docs/SAP_SUCCESSFACTORS_PLATFORM/d599f15995d348a1b45ba5603e2aba9b/03e1fc3791684367a6a76a614a2916de.html

https://help.sap.com/doc/a7c08a422cc14e1eaaffee83610a981d/2405/en-US/SF_HCM_OData_API_DEV.pdf

Use the SuccessFactors OData Metadata Explorer (Service Document)

SuccessFactors exposes a metadata service that provides a complete list of available entities and their associated endpoints. By accessing the metadata, you can browse or query the API to find available entities and their operations.

This will return an XML file that contains all available entities, their fields, and the corresponding endpoints.

You can search this file for specific entities such as User, Job, Employee, etc., and their associated URLs. This method gives you a comprehensive view of what API endpoints are available on your SuccessFactors system.

Explore SuccessFactors API Entities via Postman

You can directly query the SuccessFactors OData API in Postman to discover available entities and data.

Odata API Data Dictionary

The OData API Data Dictionary in SAP SuccessFactors is a comprehensive resource that details all the OData API entities, fields, and relationships within SuccessFactors. It is an invaluable tool for developers and administrators who need to understand the structure of the data exposed through the OData API and helps in finding proper endpoints, field names, data types, and relationships between entities.

The OData API Data Dictionary provides a detailed breakdown of:

• Entities: These represent the various data objects, such as User, Employee, JobReq, etc.
• Fields: Each entity has specific fields like userId, firstName, lastName, etc., along with their data types and attributes.
• Associations: It shows the relationships between entities (e.g., how User is associated with JobInfo).
• Endpoints: It lists the OData endpoints where you can interact with these entities.

You can simply scroll through the list of data entities, and select the one you need:

The name of data entity is the same as the endpoint in your request:

Once you select it, it will show you the list of properties (fields) contained inside:

These properties are used in your Odata requests (and responses):

You can also search for data entities by clicking on Search All:

Odata API Data Dictionary will also show you the required fields that you have to use when using the POST method:

It will also show the related entities for each field:

Final Thoughts

Testing APIs is a critical step in ensuring smooth integrations, and by now, you should have a solid understanding of how to test SuccessFactors API with Postman. From setting up authentication to making API requests, Postman simplifies the process, allowing you to validate data and troubleshoot potential issues efficiently.

Additionally, if you’re working with SuccessFactors, it’s important to understand what OData API in SuccessFactors is. The OData API provides a standardized way to interact with SuccessFactors data, enabling powerful querying, filtering, and integration capabilities.

By combining Postman for testing and OData API for structured data access, you can build reliable and efficient integrations with SuccessFactors. If you have any questions or insights, feel free to share them in the comments!