OCI PunchOut

1. What is OCI PunchOut?

This article discusses the technical implementation of an OCI integration. For a general explanation of OCI PunchOut integrations, please refer to the general article on PunchOut integrations.

An OCI integration, also called OCI PunchOut or OCI PunchOut, is a standard way of integrating developed by SAP and works with the standard HTTP methods. To log into (PunchOut to) the webshop, user data are provided by the purchasing package. These data can be provided via the POST or GET method. The difference between these two methods is that in the POST method, the user data are sent in the background. In the GET method the user data are passed along in the URL, which makes them easier to read by a user.

For example, if we want to log a user into the web shop with the address "www.example.org" we can do so by sending the user to the following address:

https://example.org/oci?username=JohnDoe123&password=SuperSecret&
HOOK_URL=https://www.site.example?hash=abc123

In this example the URL contains 3 other parameters besides the address of the webshop:

username
This is the username that the user will use to log into the webshop. In this example, the username is "JohnDoe123".
password
This is the password that belongs to the user account. In this example, the password is "SuperSecret".
HOOK_URL
This is the address to which the cart should be returned. In the example, the address is https://www.site.example?hash=abc123, but in practice the HOOK URL also contains parameters to distinguish the different users from the ERP.

The parameters with the username and password must be verified by the webshop to determine whether the user is authenticated or not. If everything is correct the user should be logged into the web store directly.

The parameters are almost always url-encoded. This is necessary because not all characters are allowed in a URL. The webshop must "url decode" the received parameters before they are used.

To return the shopping cart to the purchasing package, an HTTP Post is used again. There are various methods by which this can be implemented, but a simple example is an HTML form with hidden values. SAP has default names for the parameters of the PunchOut order, these are characterized by the prefix NEW_ITEM. It is important to ensure that the parameters sent by the webshop correspond to the values expected by the ERP. Depending on the procurement system there is the possibility to map different fields to connect to different webshops. An example of an HTML form to send products looks like this:

<form action="https://www.procurementsystem.example?hash=123ABC" method="post">
    <input type="hidden" name="NEW_ITEM-DESCRIPTION[0]" value="A123">
    <input type="hidden" name="NEW_ITEM-QUANTITY[0]" value="1">
    <input type="hidden" name="NEW_ITEM-UNIT[0]" value="Pieces">
    <input type="hidden" name="NEW_ITEM-PRICE[0]" value="10.00">
    <input type="hidden" name="NEW_ITEM-CURRENCY[0]" value="EUR">
    <input type="hidden" name="NEW_ITEM-VAT[0]" value="21">
    <input type="hidden" name="NEW_ITEM-VENDORMAT[0]" value="12345">
    <input type="submit" value="Transfer shopping cart" id="submit1" name="submit1">
</form>

  

Warning! Most purchasing packages assume that the user and shopping cart are returned simultaneously to the HOOK URL. So it is not possible to first return the shopping cart, wait for a response from the ERP, and then forward the user.

For a detailed explanation and description of all fields, please refer to SAP's official documentation. The documentation for OCI 4.0 can be found on SAP's official website.