Client Certificate Authentication

still not available in CPQ
CPQ SOAP API supports mutual/two-way SSL authentication, also known as client certificates. Client certificates ensure safe authentication between two parties (the client and the server) through verifying the digital certificates coming from both parties.

Authentication Workflow

The authentication commences on the client's side (a web browser or a client application). The client first requests access to a protected resource, in this case the CPQ server. The server sends a certificate to the client for verification. As the client verifies the authenticity of the CPQ certificate, the client on its side sends a certificate to CPQ. Ultimately, when the server successfully verifies the requester's identity, access to CPQ is granted.

Currently, only one CPQ integration user can be mapped with the client certificate. For more information on mapping a user with the certificate, please contact CPQ support through CallidusCloud Community. Upon mapping, the user no longer has to provide the username, password and domain when accessing CPQ as the client certificate is attached to the request. In future versions of CPQ, administrators will have the possibility to upload certificates for their underlying users.

You are here: SAP CPQ Online HelpSAP CPQ APIClient Certificate Authentication