In today’s digital landscape, data integration plays a crucial role in streamlining business processes. Nakisa HR Suite (formerly known as Hanelly) has been a leader in providing comprehensive organizational analysis and design solutions. A key feature of Nakisa’s offerings is its ability to integrate seamlessly with various HCM and financial systems, ensuring that HR leaders have access to critical data to make informed decisions. Recently, Nakisa has transitioned to a more secure and efficient data integration method with SAP SuccessFactors through the adoption of OAuth2 authentication.

Data Integration with Nakisa HR Suite

Nakisa HR Suite offers end-to-end solutions designed to support HR and business leaders in building agile organizations aligned with their strategic goals. A core aspect of this offering is Nakisa’s data integration capabilities. The system integrates with leading HCM and financial platforms, such as SAP SuccessFactors, to bring relevant, real-time data into Nakisa’s HCM core.

Data migration and integration at the enterprise level are often complex and security-sensitive. With over 20 years of experience, Nakisa has developed a streamlined and secure solution to ensure the smooth transfer of data while minimizing security and privacy concerns.

Transition from Basic Auth to OAuth2 Authentication

One of Nakisa HR Suite’s key integrations is with SAP SuccessFactors, a modern SaaS-based HCM system that supports a variety of HR management functions. Nakisa and SAP SuccessFactors work together through a bi-directional data integration, providing a secure connection over HTTPS. Initially, SuccessFactors used Basic Authentication (Basic Auth) for API access. This method relied on a combination of a username, password, and company code to authenticate data requests or updates via the SFAPI and OData APIs.

However, SAP announced in 2021 that it would phase out Basic Auth by the end of 2022 in favor of a more modern, secure authentication method—OAuth2. This transition was implemented to offer improved security and more flexibility in API integrations.

Nakisa has already prepared for this shift, ensuring a smooth transition for customers. By mid-2022, Nakisa will finalize its solution for OAuth2, providing customers with enough time to reconfigure their connections between Nakisa HR Suite and SAP SuccessFactors. The process is straightforward and involves a one-time reconfiguration of the connection settings, with minimal effort required from customers.

What is OAuth2?

OAuth2 is a modern framework for secure authentication between applications, designed to reduce the need for sensitive information exchange, such as passwords. Instead, OAuth2 uses tokens for authentication, offering greater flexibility and control over data access. This method allows for easy authorization and revocation of access, ensuring that one application’s data access can be modified without impacting others.

Here’s how OAuth2 works in the context of Nakisa’s integration with SAP SuccessFactors:

1. Client Registration: The first step in the OAuth2 process involves registering the client application (Nakisa SuccessFactors Connector) with the host application (SAP SuccessFactors). In this step, a certificate is generated by the client, and its public key is shared with the host system. This step is done once during the initial setup.

2. Data Exchange: After the client application is registered, the process for data exchange via API begins. Every time Nakisa HR Suite queries or updates data, the client application contacts the host (SAP SuccessFactors) to authenticate itself and receive a token.

3. Authorization: Once the client receives the token, it sends it to the host’s authorization service for validation. If the token is approved, the client receives an assertion key.

4. Data Access: The client then uses the assertion key to interact with the resource service, making requests to query or update data. These requests are processed within the limitations of the provided assertion key.

This OAuth2 framework ensures that the integration remains secure and allows Nakisa HR Suite to efficiently work with SAP SuccessFactors APIs, ensuring smooth data flow while adhering to the latest security protocols.

Conclusion

Nakisa HR Suite’s transition to OAuth2 for its SAP SuccessFactors integration marks an important step in enhancing data security and providing a more streamlined, flexible approach to API authentication. As companies continue to rely on seamless data exchanges for decision-making, adopting modern security methods like OAuth2 ensures that integrations are both secure and efficient. This shift provides Nakisa customers with a future-proof solution to maintain secure, reliable connections with SAP SuccessFactors and other platforms, supporting their HR and organizational strategies.