| ID | NFR-2007 |
|---|---|
| Name | Ariba Event Management Orchestration Framework |
| Author | Kapila Epasinghe ( kapila.epasinghe-ext@syensqo.com ) |
| Approver | Sascha Wenninger ( sascha.wenninger-ext@syensqo.com ) |
The integration solution is designed to solve a coordination and rate limit management problem between Ariba Event Management API and Keelvar APIs .
During the implementation of Interfaces (see below) that require orchestration of the APIs between the two systems, it was discovered that strictly imposed rate limits in Ariba Event Management APIs mainly, but also Keelvar Intake and Export APIs, are reached, causing Integrations to fail.
To address this, an Integration Orchestration Solution is introduced using available tools in SAP CPI. The major aspects of the solution are:
Overall, this solution provides a robust, controlled, and extensible foundation for managing multiple API-based integrations between Ariba and Keelvar, ensuring operational stability and compliance with API usage policies in Ariba and Keelvar. And furthermore, this solution can be extended if and when further Integrations need to be implemented that utilise Ariba and Keelvar APIs, in addition to the 3 interfaces that currently ( as of 24-October-2025 ) utilise this:
| ID | Description |
|---|---|
| ERP-108 | Synchronisation of Sourcing Events created and updated in Ariba to Keelvar |
| ERP-137 | Synchronisation of Award Bids and Bid Sheets from Keelvar to Ariba |
| ERP-138 | Notification of Keelvar Event Status changes to Ariba |
Ariba Event Management API contains both intake and export endpoints supporting Ariba Strategic Sourcing Platform to read, create and update Sourcing events, Scenarios and Awards. The Event Management API requests are rate-limit controlled as shown below:
| Time limits | Number of Requests |
|---|---|
| Per second | 5 |
| Per minute | 80 |
| Per Hour | 3500 |
Keelvar Intake and Export APIs are two different sets of API Services that are utilised with the JMS Queue solution, with separated rate-limits:
| API | Burst | Sustained |
|---|---|---|
| Sourcing Events | 120 per hour | 500 per day |
| Process Job Status | 30 per minute | 600 per hour |
| API | Burst | Sustained |
|---|---|---|
| Awards | 60 per minute | 43,200 per day |
| Bids | 60 per minute | 43,200 per day |
| Events | 60 per minute | 43,200 per day |
In addition, Keelvar provides a Webhook management API which is utilised in the Event Management Orchestration between Ariba and Keelvar. However, this set of APIs do not have a published Rate-Limit controls and described in a separate document here.
To manage this constraint, the solution described in this document provides a framework to orchestrate the APIs to enable Integration implementations that can avoid or recover from rate-limiting exceptions as well as well as to handle exceptions such as data errors, service unavailability etc.
When using this solution, the following guiding principles need to be applied in the IFlows pertaining to the Integration:
| Step | Function |
|---|---|
| 1 | Multiple upstream IFlows push messages into a shared JMS Queue. |
| 2 | A Router IFlow reads messages from JMS sequentially (single-threaded). |
| 3 | Each message is routed to a specific ProcessDirect endpoint (e.g., Ariba, Keelvar). |
| 4 | Connector IFlows invoke external APIs with authentication and headers. |
| 5 | If rate limits are reached, the connector pauses and retries after cooldown. |
| 6 | Reprocessing occurs for transient failures; messages exceeding retry thresholds are ignored. |
[Upstream Systems]
│
▼
[CPI IFlows]
│
(Write to JMS Queue)
▼
[JMS Queue]
│
(Single-thread Reader)
▼
[Router IFlow]
├──> pd:/Ariba/EventConnector
└──> pd:/Keelvar/ApiConnector
│
▼
[External APIs]
Component Description
SAP CPI JMS Queue Buffers messages to control API call rates. Single-threaded reader enforces sequential processing.
Router IFlow Reads from JMS queue, determines routing path using headers (ProcessDirect).
ProcessDirect IFlows Downstream IFlows for specific integration logic (Ariba, Keelvar).
Connectors Handle API authentication (OAuth2), request building, and rate-limit enforcement.
Rate Control Mechanism Induces pauses if rate-limit headers show exhaustion.
Error & Retry Handling Managed via JMS retry logic and manual reprocessing of DLQ messages.
| Property | Value / Description |
|---|---|
| Queue Type | Standard |
| Concurrent Consumers | 1 (single-threaded) |
| Retry Count | Configurable (e.g., 5 attempts) |
| Dead Letter Queue | Enabled |
| Visibility Timeout | Based on processing time |
Reads message headers (e.g., ProcessType, TargetSystem).
Forwards to ProcessDirect endpoints using conditions:
if (target == "ARIBA") {
message.setHeader("CamelSAP_Endpoint", "pd:/Ariba/EventConnector")
} else if (target == "KEELVAR") {
message.setHeader("CamelSAP_Endpoint", "pd:/Keelvar/ApiConnector")
}
Logging and MPL trace enabled for monitoring.
Perform transformations (XML ↔ JSON).
Set up request payloads and headers.
Call connector IFlows using HTTPS.
| Function | Description |
|---|---|
| Authentication | OAuth2 Client Credentials flow using CPI Security Material. |
| Header Management | Adds Authorization, Content-Type, and API-specific headers. |
| Rate Limiting | If API returns a header like X-RateLimit-Remaining=0, connector pauses using Groovy Thread.sleep(). |
| Retry Logic | Retries with exponential backoff within JMS constraints. |
| Parameter | Description | Example |
|---|---|---|
JMS.QueueName | Queue used for execution throttling | ARIBA.KEELVAR.JMS.Q |
MaxRetryCount | Maximum reprocessing attempts | 5 |
RateLimitPause | Pause duration (seconds) when limit reached | 10 |
ProcessDirect.Ariba | Path to Ariba connector | pd:/Ariba/EventConnector |
ProcessDirect.Keelvar | Path to Keelvar connector | pd:/Keelvar/ApiConnector |
OAuth.ClientID | OAuth2 Client ID | {{Keelvar_ClientID}} |
OAuth.TokenURL | Token endpoint | https://api.keelvar.com/oauth/token |
| Scenario | Action |
|---|---|
| Temporary API Failure (HTTP 429/503) | Pause and retry after wait time. |
| Permanent API Error (HTTP 400/401/404) | Log to MPL and move to DLQ. |
| JMS Retry Exhausted | Message flagged as ignored; alert triggered. |
| Rate-Limit Exceeded | Connector pauses until limit resets. |
OAuth2 Client Credentials authentication for both Ariba and Keelvar.
Credentials stored securely in CPI Security Material.
All communication over HTTPS.
Optional integration with SAP IAG for audit reporting.
| Tool | Usage |
|---|---|
| CPI Message Monitoring | Track message status, errors, and retries. |
| JMS Queue Monitor | Check pending, in-flight, and DLQ messages. |
| MPL Logs | Track API call results and pause events. |
| Splunk / External Monitoring | Optional integration for audit and security visibility. |
Parallel JMS Queues for different process categories.
Dynamic rate adjustment using API feedback.
Integration with SAP IAG for centralized user and audit tracking.
Event-driven alerting on DLQ threshold breaches.