Magento to TradeCentric Punchout2Go Implementation

In Magento, “punchout” is a feature that allows buyers to use their own procurement systems, such as SAP Ariba or Coupa, to shop directly on a supplier’s online store. This functionality is particularly valuable in business-to-business (B2B) transactions, as it streamlines the purchasing process by integrating the buyer’s procurement system with the supplier’s eCommerce platform, ensuring a seamless and efficient shopping experience.

How Does it Work? 

The below steps ensure that all purchasing data is kept within the buyer’s procurement system, making it easier to manage, track, and report purchases: 

Step 1: Start Shopping

The buyer begins the purchasing process within their own procurement system.

Step 2: Redirect to the Supplier’s Store

The procurement system redirects the buyer to the supplier’s Magento store using the punchout credentials.

Step 3: Shopping on Magento

The buyer shops on the Magento store just like any regular eCommerce site, adding items to their cart.

Step 4: Transfer Cart Back 

Instead of completing the checkout on Magento, the cart details are sent back to the buyer’s procurement system. (ie. punchout system)

Step 5: Approval and Final Purchase

The procurement system handles any necessary approvals and finalizes the purchase based on the organization’s internal processes.

Challenges of Implementation

Using punchout in Magento 2 comes with several challenges, and the main challenge we faced during our implementation was related to the punchout module.

Instead of using a standard punchout module, we opted for a custom punchout implementation because we’re working with a headless front end and a Magento backend. By implementing the punchout API concept, we were able to overcome these challenges and successfully complete the punchout process.

1. Integration Complexity

  • System Compatibility: Integrating Magento 2 with various procurement systems like SAP Ariba, Coupa, or Oracle can be complex.
  • Customization Needs: Custom configurations or extensions may be required, which can increase development effort and cost.

2. Data Synchronization

  • Real-Time Updates: Keeping the product catalog, pricing, and availability synchronized in real-time is challenging.
  • Error Handling: Managing inconsistencies and errors in data transfer can lead to order issues and delays.

3. Security Concerns

  • Authentication: Ensuring secure authentication and authorization between systems to prevent unauthorized access.
  • Data Privacy: Protecting sensitive data during transmission and storage.

4. User Experience

  • Consistent Experience: Providing a smooth experience for buyers transitioning between systems.
  • Training Needs: Educating buyers and staff on how to use the punchout system effectively.

5. Technical Support and Maintenance

  • Ongoing Support: Offering continuous technical support to address issues and updates.
  • Maintenance Costs: The cost of maintaining and updating the integration.

6. Compliance and Standards

  • Standards Adherence: Ensuring the implementation adheres to eProcurement standards.
  • Regulatory Compliance: Meeting data security and transaction handling regulations.

7. Performance Issues

  • Scalability: Managing large transaction volumes without a decline in performance.
  • Latency: Minimizing delays in data transfer and system response times.

Problem Statement

Punchout integration enhances the efficiency and effectiveness of the procurement process, benefiting both buyers and suppliers.

  • Punchout integrates with the buyer’s procurement system, ensuring that all purchases comply with the organization’s internal approval and budgeting processes. Orders are created and managed within the buyer’s procurement system, centralizing data and making it easier to track and manage purchases.
  • Additionally, punchout integration consolidates purchasing data within the procurement system, improving reporting and analytics capabilities. By automating the transfer of cart details and streamlining the approval workflow, punchout reduces manual entry and processing time.
  • It also provides a seamless and consistent shopping experience for buyers, reducing friction and making it easier for them to complete purchases.

How TradeCentric Supports Implementation in Our Project

  • TradeCentric needs to determine the method of authorization for the punchout connection. TradeCentric supports various methods, including OAuth1, OAuth2, JWT, IP whitelisting, and basic authorization using a static bearer token in the header of the request.
  • Klizer is responsible for building the API we connect to, and setting the cookies for the user once they are authenticated into the headless storefront. Additionally, Klizer will need to support an “on-the-fly” user creation process for the punchout authentication.
  • TradeCentric can assist with standardizing the contact information and the structure of the authentication request, but Klizer will be responsible for implementing the dynamic user creation process.
  • Once the user completes their punchout experience and proceeds to create a cart, Klizer will need to post the cart details back to the return URL provided in the initial authentication request. This URL, which is dynamic and changes with each session, must be stored and tied to the session.
  • The request can come from either the server or the client side and will be handled in JSON format.

How to Implement a Project with the Help of APIs

We used two APIs from the Magento side:

  • Login API
  • Purchase Order API

The implementation of login, cart, and order involves three parts:

  • Login Implementation: Handled on the Magento side.
  • Cart Implementation: Managed on the headless frontend side.
  • Order Implementation: Executed on the Magento side.

Flow Diagram of Normal PunchOut User For Login

Login Implementation

API Name: Login 

Description: This API is used to check if a user exists or to create a new user.

For new Users: If the email address from the PO request does not exist in Magento, we will create a new user in Magento and auto-approve them. We will then allow the user and send a start_url with the authenticated token in the response to the Punchout team.

For existing Users: If the email address from the PO request is already available in Magento, we will validate the user, create an authenticated token, and send a start_url including the authenticated token in the response to the Punchout team.

Note:

  1. If the email address from the PO request exists in Magento but is not yet approved, we will auto-approve the user and then send the authentication token to the Punchout team. 
  2. The Validate User API will be used when the user attempts to log in to verify if the user exists in the ERP system.

Bearer Token:

Bearer  wackbduz*******************


Base URL: https://adminbaseurl.com/rest/

Execute URL: https://adminbaseurl.com/rest/V1/api/loginrequest

Login Request:
Request Method – POST

URL –  /V1/api/loginrequest

Headers: 

Content-Type: application/json

Authorization: Bearer wackbduz*******************

Body:

Note: Due to the Ariba team’s request, we have modified the payload. Since they are unable to send the “ship to” address from their side, we are now retrieving the address from the company admin account and assigning it to the punch-out users.

Request: 

{
   "pos": "DR660d46643835b",
   "operation": "create",
   "return_url": "https://connect.tradecentric.com/gateway/link/api/id/DR660d46643835b",
   "redirect_url": "https://connect.tradecentric.com/gateway/link/return/id/Tq664249d286f94?redirect=1",
   "params": {
       "header": {},
       "type": "setuprequest",
       "mode": "test",
       "body": {
           "data": {},
           "contact": {
               "name": "test check",
               "email": "onflyadmintest@gmail.com",
               "unique": "address"
           },
           "buyercookie": "Zj660d4663e79fe",
           "postform": "https://portal.tradecentric.com/province_electric_supply/console/tools/punchout/session/1121317/act/order?buyercookie=Zj660d4663e79fe&i=1133172fecaeb98ebff230331d395895",
          "shipping": {
           "data": {
           }
           },
           "items": [
           ]
       },
       "custom": {
               "account_number": "00012345"
,                "organisation_id": "12345"
,                "organisation_name": "test preproduction"
       }
   }
}

Response:

{
    "start_url": "https://frontendbaseurl.com/?authcode=dmx3M29qbz**************************="
}

Cart Implementation

For cart transfer, we implemented the process on the headless front end. The return URL is obtained from Magento and is provided in the PO request during the Login Punchout process. The cart data is then sent to this return URL. After submitting the data, the system returns a redirect URL to the punchout dashboard, allowing the user to place the order.

Order Implementation Magento to Punchout

API Name: Purchase Order API

Description

This API is used to create an order in Magento and DDI with the help of the PO request.

While the order is completed in Punchout, we also need to create the order in Magento to maintain records. We use this API to create the order in Magento, with payment considered as “on account.” After creating the order in Magento, we pass the order details to the ERP via the Submit Order API to generate the DDI order ID. In response, we provide the Magento order ID.

Bearer Token:
Bearer wackbduz********************

Base URL – https://adminbaseurl.com/rest/

Execute URL – https://adminbaseurl.com/rest/V1/api/orderapirequest

Order Request:

Request Method – POST

URL –  V1/api/orderapirequest

Headers: 

Content-Type: application/json

Authorization: Bearer wackbduz********************

Body:

Sample Payload: 

{
 "punchout_session": "",
 "account_number": "00012345",
 "mode": "production",
 "shared_secret": "abracadabra",
 "api_key": "YWJjZDEyMzQ=",
 "store_code": "default",
 "header": {
   "from_domain": "NetworkID",
   "from_identity": "TEST_CORP",
   "to_domain": "NetworkID",
   "to_identity": "SUPPLIER_INC",
   "shared_secret": "not_very_secret",
   "po_payload_id": "93369535150910.10.57.136",
   "po_order_id": "PO-123",
   "po_order_date": "2022-11-18",
   "po_order_type": "new",
   "order_request_id": 12345678,
   "data": {}
 },
 "details": {
   "total": 142.09,
   "currency": "CA",
   "shipping": 10.09,
   "shipping_carrier_title":"[2 business days]",
   "shipping_method_title": "FedEx Ground",
   "shipping_method_code": "fedex-courier.ground",
   "shipping_carrier_code": "realtimerates",
   "tax": 8.64,
   "tax_title": "Sales tax - 7% Tennessee",
   "ship_to": {
     "address_id": "TN.04",
     "address_name": "Test Corp. - Nashville Branch",
     "deliverto": "John Doe",
     "street": "4094 Port Washington Road",
     "city": "Canmore",
     "state": "AB",
     "postalcode": "T0L0M0",
     "country": "Canada",
     "country_code": "CA",
     "email": "onflyadmintest@gmail.com",
     "telephone": "888-555-9876"
   },
   "bill_to": {
     "address_id": "TN.04",
     "address_name": "Test Corp. - Nashville Branch",
     "deliverto": "John Doe",
     "street": "4094 Port Washington Road",
     "city": "Canmore",
     "state": "AB",
     "postalcode": "T0L0M0",
     "country": "Canada",
     "country_code": "CA",
     "email": "onflyadmintest@gmail.com",
     "telephone": "888-555-9876"
   },
   "contact": {
     "name": "Jane Doe",
     "email": "onflyadmintest@gmail.com",
     "phone": "888-555-1234"
   }
 },
 "items": [
   {
     "line_number": "101",
     "requested_delivery_date": "2024-02-25",
     "quantity": 3,
     "supplier_id": "2315006",
     "supplier_aux_id": "MIL-2950-20",
     "unitprice": 41.15,
     "currency": "CA",
     "description": "M18™ PACKOUT™ Radio + Charger",
     "uom": "EA",
     "comments": "",
     "session_key": "abcde12345fghij",
     "cart_position": 0,
     "data": {}
   }
 ]
}

Sample Response: 

{
    "order_id": "000002403"
}

Conclusion

We understand the intricacies of integrating with various procurement systems such as SAP Ariba and Coupa, and we are committed to providing secure, efficient, and scalable solutions.

At Klizer, we specialize in delivering tailored eCommerce and IT solutions, including the implementation of complex integrations like Magento to PunchOut TradeCentric API. Our expertise in headless architecture and custom API development ensures seamless procurement experiences for B2B businesses. 

Reference URLs: 

TradeCentric.com

Reference Tradecentric Api implementation URLs are used for our Magento project

PunchOut Request to log in: Link: (used in magento API integration)

https://app.swaggerhub.com/apis/PunchOut2Go/PunchOut-Request-to-Supplier/1.0.0

Province Electric PunchOut Return Cart to TradeCentric: (used in frontend headless to connect and transfer cart data to the redirect URL)

https://app.swaggerhub.com/apis/PunchOut2Go/PunchOut-Return-Cart-from-Supplier/1.0.0

Inbound Purchase Order to order complete: (used in magento API integration)

https://app.swaggerhub.com/apis/PunchOut2Go/Purchase-Order-Request-to-Supplier/1.0.0

Outbound Invoice from Province Electric to TradeCentric: (Not used in the project)

https://app.swaggerhub.com/apis/PunchOut2Go/Invoice-Request-from-Supplier/1.0.0

About The Author

Discover What You’re Missing

Get in touch with us for expert consultation