Skip to content

Punchout Catalog - Procurement

Purpose of this document is to provide administrative configuration needed to setup the connection between IFS Procurement Punchout solution and supplier’s webshop.

Configure Supplier Punchout Setting

Punchout Procurement Catalog enables a user to navigate to a supplier’s webshop and checkout parts to the procurement system. IFS Procurement Punchout solution supports two protocols, and both can be configured in;

Supplier -> Purchase -> Punchout Settings

OCI Protocol

  • Punchout URL
    Punchout URL for OCI follows below format:
https://www.samplewebshop/PunchOut/oci?OCIVERSION=4.0&SENDERID=<sender id>&PASSWORD=<password>&USERNAME=<user name>&NEW_ITEM-VENDOR=<vendor>&ACCOUNT_CODE=&AGREEMENT_NO=&OCICANCEL=<url endpoint>&HOOK_URL=<redirect url>?uniqueid=<query parameters>

Components up to &HOOK_URL needs to be specified as the input and this can be obtained from the supplier.

Note: URL components from &HOOK_URL will be appended when the punch-in request is been made.

OCI 4.0 version is supported from IFS Cloud 21R2 release. Note that according to this version, Supplier's webshop login credentials are sent in the URL. As a more secure protocol, it is recommended to follow cXML if possible.

cXML Protocol

  • Punchout URL
    The URL endpoint to receive the cXML PunchOutSetupRequest document in the webshop.

  • Domain
    Usually a DUNS (Dun & Bradstreet Universal Naming System) or NetworkID. Corresponds to To/domain attribute value in the cXML PunchOutSetupRequest document.

  • Identity
    Supplier’s Identity. Corresponds to To/Identity element value in the cXML PunchOutSetupRequest document.

  • Sender Domain
    Usually a DUNS or NetworkID (Can use either value if not provided by the supplier). Corresponds to From/domain (and Sender/domain) attribute value in the cXML PunchOutSetupRequest document.

  • Sender Identity
    Buyer’s Identity registered in the supplier’s webshop. Corresponds to From/Identity (and Sender/Identity) element value in the cXML PunchOutSetupRequest document.

  • Use MAC
    Indicate to encrypt the shared secret using MAC (Message Authentication Code) when sending the cXML PunchOutSetupRequest document. Only need to specify when the webshop supports MAC encryption.

    Note: When using cXML, it is recommended to use MAC authentication method to minimize the risk of exposing shared secret even though the message is protected by HTTPS. But sending shared secret without MAC is also supported.

  • Shared Secret
    A password that validates the buyer in the supplier’s webshop. Corresponds to Sender/SharedSecret element value in the cXML PunchOutSetupRequest document.

Sample cXML HEADER elements:

<Header>
    <From>
        <Credential domain="SENDER_DOMAIN">
            <Identity>SENDER_IDENTITY</Identity>
        </Credential>
    </From>
    <To>
        <Credential domain="TO_DOMAIN">
            <Identity>TO_IDENTITY</Identity>
        </Credential>
    </To>
    <Sender>
        <Credential domain="SENDER_DOMAIN">
            <Identity>SENDER_IDENTITY</Identity>
            <SharedSecret>SENDER_SHARED_SECRET</SharedSecret>
        </Credential>
        <UserAgent>IFS Applications (VERSION)</UserAgent>
    </Sender>
</Header>

Note: Element/attribute values denotes to the DB columns of following table:

plsql supplier_punchout_setup_tab

Documentation for the development guide when handling OCI and cXML flow can be found in the Development Guide.