H2 2022 SAP SuccessFactors Release Analysis: Technical

Created on November 28, 2022
Last updated on December 6th, 2022 at 6:41 pm by RIzing Staff


New Add-On for SAP SuccessFactors® Employee Central Integration with SAP Human Capital Management for SAP S/4HANA®

This new add-on will ensure long-term support for customers who use Employee Central for core HR in combination with an on-premise system for payroll or time management processes.

With the SFSF EC S4 HCM INTEGRATION (ECS4HCM) add-on, customers with a hybrid HR solution environment can benefit from the new SAP HCM for SAP S/4HANA solution. Now users can enjoy the SAP HANA database and more of the underlying SAP NetWeaver code.

SAP HCM for SAP S/4HANA also provides an enhanced maintenance window until 2040, whereas mainstream maintenance ends in 2027 for the SAP Business Suite (including SAP ERP HCM).

How to deploy

The new add-on is available under the product name SAP SuccessFactors Employee Central integration with SAP Human Capital Management for SAP S/4HANA. The technical product name is SFSF EC S4 HCM INTEGRATION (ECS4HCM). The comprised software component version is ECS4HCM 100.

Customers wanting to use the add-on must ensure their SAP S/4HANA system is on release 2022 and must include the SAP HCM for SAP S/4HANA solution. S4HCM version 100 or higher must be installed in their SAP S/4HANA system.

Customers already using the SFSF EC INTEGRATION (PA_SE_IN) add-on and now want to use the SFSF EC S4 HCM INTEGRATION (ECS4HCM) add-on must upgrade.

What’s Changed

The SFSF EC S4 HCM INTEGRATION (ECS4HCM) add-on is easier to implement and run.

For example, the add-on consistently uses the Business Integration Builder (BIB) for configuration and the staging area concept in data replication from Employee Central. It also uses SAP Cloud Integration as the only middleware.

Deprecation of Non-SAML-Based Single Sign-On (SSO) in Provisioning

The non-SAML-based SSO feature in the Provisioning company settings will reach the end of maintenance and be deleted on December 9, 2022.

Customers who haven’t already migrated from non-SAML SSO authentication per Deprecation of Support for Non-SAML Single Sign-On (SSO) Settings are highly encouraged to do so to avoid disruptions in SSO behavior.

Additional Details

To provide better security for Single Sign-On (SSO), SAP ended support for non-SAML SSO settings on May 21, 2021. The non-SAML SSO feature and its settings are being removed for existing and new customer instances on November 18, 2022.

The following settings are being removed from the Single Sign-On Settings area:

  • Token Authentication
  • MD5 Authentication
  • MD5_B64 Authentication
  • SHA-1 Authentication
  • DES Authentication
  • Triple DES Authentication
  • Please enter the URL for Offline URL redirect
  • Please enter the URL for Continue session redirect

Key Dates for this deprecation

End of Development Phase

As of May 21, 2021, the deprecation milestone after which SAP stops enhancing a product or part of a product. You can continue using the software, but you should plan for when it will no longer be available. We still fix high-priority bugs.

End of Maintenance

As of May 21, 2021, the deprecation milestone after which SAP does not fix bugs or deliver patches for the software. SAP continues to answer your how-to questions. We strongly encourage you to adopt an alternative method.

Deleted

As of November 18, 2022, the deprecation milestone is when a feature is no longer available for productive use. You should now be using an alternative method.

Deprecation of HTTP Header X-SF-Correlation-Id

HTTP header X-SF-Correlation-Id will reach the end of development on December 9, 2022, and will be deleted on November 17, 2023.

In OData and REST API, the X-SF-Correlation-Id HTTP header is used for tracing and troubleshooting API issues. SAP has replaced this header with the standard header x-correlation-id. If you’re using X-SF-Correlation-Id in your API requests, please update them and use the new header before the deletion date.

Deprecation Details

The /oauth/idp API was provided for API users to generate SAML assertions for authentication. However, this method is considered unsafe because it requires users to pass private keys through an API call. Therefore, SAP is deprecating this API and encouraging customers to choose secure ways to generate SAML assertions.

Key Dates for this deprecation

End of Development Phase

As of December 9, 2022, the deprecation milestone after which SAP stops enhancing a product or part of a product. Customers can continue to use the software, but they should begin planning when it will no longer be available. SAP will still fix high-priority bugs.

End of Maintenance Phase

As of May 19, 2023, the deprecation milestone after which SAP does not fix bugs or deliver patches for the software. SAP continues to answer any customer how-to questions.

Deleted

As of November 17, 2023, the deprecation milestone is when a feature is no longer available. You should now be using an alternative method.

Deprecation of OAuth IdP API /oauth/idp

The OAuth IdP API /oauth/idp will reach the end of development on December 9, 2022, and will be deleted on November 15, 2024.

Deprecation Details

The /oauth/idp API was provided for API users to generate SAML assertions for authentication. However, this method is considered unsafe because it requires users to pass private keys through an API call. Therefore, SAP is deprecating this API and encouraging customers to choose secure ways to generate SAML assertions.

Key Dates for this deprecation

End of Development Phase

As of December 9, 2022, the deprecation milestone after which SAP stops enhancing a product or part of a product. Customers can continue to use the software, but they should plan for when it will no longer be available. SAP will still fix high-priority bugs.

End of Maintenance Phase

As of May 19, 2023, the deprecation milestone after which SAP does not fix bugs or deliver patches for the software. SAP continues to answer any customer how-to questions.

Deleted

As of November 15, 2024, the deprecation milestone is when a feature is no longer available. You should now be using an alternative method.

Enhancements to OData API

With the 2H 2022 release, SAP SuccessFactors offers OData API enhancements. These are the most relevant ones:

New Property employmentId in OData API EmpEmployment

A new property employmentId has been added to OData API EmpEmployment to identify an employment record.

SAP made this enhancement to offer customers a new way of consuming data in EmpEmployment.

In the current version, the property employmentId is available in OData API EmpEmployment.

Sample code:

{
    "d": {
        "results": [
            {
                "__metadata": {
                    "uri": "https:///odata/v2/EmpEmployment(personIdExternal='HQ0001',userId='HQ0001')",
                    "type": "SFOData.EmpEmployment"
                },
                "personIdExternal": "HQ0001",
                "userId": "HQ0001",
                "hiringNotCompleted": false,
                "isECRecord": true,
                "lastModifiedDateTime": "/Date(1582694474000+0000)/",
                "serviceDate": null,
                "endDate": null,
                "bonusPayExpirationDate": null,
                "createdDateTime": "/Date(1582694468000+0000)/",
                "employmentId": "115",
                ...
            }
        ]
    }
}

New Parameter in createOnboardee Function Import

SAP SuccessFactors has added a parameter called isRehireOnOldEmployment in the createOnboardee OData API function import. This parameter identifies whether an onboardee is matched as a rehire based on an old employment record. If the system finds a match, the employment is activated.

With this enhancement, customers can use an external Applicant Tracking System (ATS) to initiate the onboarding process for rehires based on their old employment information.

New Headers for Enhanced API Tracing and Troubleshooting

SAP SuccessFactors has added three request and response tracing headers in OData and REST API: x-correlation-id, Server, and successfactors-sourcetype.

These headers provide the following information in API requests and responses:

1.     x-correlation-id

Type
Request and response header

Purpose
This header provides a unique GUID to trace the request in the API log for troubleshooting. By default, an ID is generated in the API Gateway and sent to the API server for each call. In rare cases when no GUID is generated, such as API Gateway timeout, you can also generate your own ID and include it in the request header.

2.     Server

Type
Response header

Purpose
This header indicates where the API response is sent. Possible values are:

  • BizX: Indicates that the response is from an API server.
  • API Gateway: Indicates that the response is from the API Gateway. This often happens if the authentication fails in API Gateway.
  • <service-name>: If the value is a service name, then the response is sent from a microservice

3.     successfactors-sourcetype

Type
Request header

Purpose
This header provides information about the source client where the API request is made.

Enhancements to the Compound Employee API

The 2H 2022 release releases several Compound Employee API enhancements. These are the most relevant ones:

New Semantic Key for Work Permit in Employee Central Compound Employee API

SAP SuccessFactors added a new semantic key issue_date for a work permit in Employee Central Compound Employee API.

With this new business key added, customers can manage their work permit with a different issue date, but keep other business keys the same. For example, you can upload a new work permit with the same document number as your expired work permit but with a different issue date after renewal. For now, Employee Central Compound Employee API supports returning the latest results of the following business keys for a work permit:

  • Country
  • document_type
  • document_number
  • user_id
  • issue_date

In the current version, updating the issue_date of an existing personal_document_information record is not rendered as a CHANGE action but as INSERT and DELETE actions in the query modes Delta and Period Delta.

Sample code:


<personal_documents_information>
  <action>DELETE</action>
  <country>USA</country>
  <created_by>admin</created_by>
  <created_on_timestamp>2010-06-22T13:14:01.000Z </created_on_timestamp>
  <document_number>1234567890</document_number>
  <document_type>PP</document_type>
  <is_validated>false</is_validated>
  <issue_date>2010-06-03</issue_date>
  <last_modified_by>admin</last_modified_by>
  <last_modified_on>2022-06-23T06:44:59.000Z</last_modified_on>
</personal_documents_information>

<personal_documents_information>
  <action>INSERT</action>
  <country>USA</country>
  <created_by>admin</created_by>
  <created_on_timestamp>2010-06-22T13:14:01.000Z </created_on_timestamp>
  <document_number>1234567890</document_number>
  <document_type>PP</document_type>
  <is_validated>false</is_validated>
  <issue_date>2020-05-23</issue_date>
  <last_modified_by>admin</last_modified_by>
  <last_modified_on>2022-06-23T06:44:59.000Z</last_modified_on>
</personal_documents_information>

Talk to a Rizing Expert

Whether you’re just getting started or are well on your way, we can help.