ERPOps logoERPOps AI Copilot
Sign In →Free Trial

Integration Guide

Connecting your ERP to ERPOps

This guide covers the two main connection patterns, supported authentication methods, and prerequisites. Step-by-step connector setup — including field-level configuration for each gateway — is inside the app.

Prerequisites

  • An ERPOps account (free tier or above)
  • API access or integration user credentials for your ERP
  • Your ERP's base URL or Integration Broker endpoint
  • Outbound HTTPS (port 443) access from your ERP to api.erpops.ai — for webhook push patterns
  • For OAuth flows: ability to register an OAuth client application in your ERP's admin console
  • For mTLS: a client certificate issued by your organization's CA

Supported authentication methods

ERPOps supports the authentication method your ERP natively uses — you do not need to change your ERP's security model.

Auth MethodSupported ERPsNotes
OAuth 2.0 Client CredentialsWorkday, Oracle HCM Cloud, SAP SuccessFactorsRecommended for cloud ERPs. Client ID + secret stored encrypted in ERPOps vault.
OAuth 2.0 + mTLSOracle Integration Cloud, SAP BTPMutual TLS adds certificate-based client identity on top of OAuth.
API Key / Basic + KeyNetSuite, Microsoft Dynamics, ADP, UKGAPI key or username/password+key pair. Encrypted at rest.
HMAC Webhook (inbound)All platforms via tenant-push modelTenant ERP pushes signed events to ERPOps. No inbound firewall changes needed on tenant side.
SAML Bearer AssertionPeopleSoft (IB), Oracle EBSSAML token exchanged for OAuth access token.
mTLS (certificate only)Federal / on-prem PeopleSoft, JDEClient certificate provisioned by tenant IT. No shared secret.

Connection patterns

Pattern A — Tenant-Initiated Outbound (Webhook Push)

Recommended

Your ERP or middleware sends signed events outbound to ERPOps. ERPOps never initiates a connection to your network. No IP allowlisting needed on your firewall — trust is established via HMAC signature on each request.

  1. 1Create a connector in ERPOps admin app — system generates a unique Connector ID and HMAC secret
  2. 2Configure your ERP or middleware to POST events to https://api.erpops.ai/functions/v1/receive-event
  3. 3Include X-ERPOps-Connector-Id and X-ERPOps-Signature headers on each request
  4. 4ERPOps validates the HMAC signature and ingests the event

📖 Full step-by-step setup with field-level guidance is available in the admin app at app.erpops.ai/docs after sign-up.

Pattern B — ERPOps Polls Your ERP API

Common

ERPOps calls your ERP's REST or SOAP API on a schedule to pull connector health, job status, and log data. Requires API credentials but no inbound firewall change on ERPOps's side.

  1. 1Provision an integration user or OAuth client in your ERP with read-only API access
  2. 2Enter credentials in ERPOps connector setup (encrypted at rest, never logged)
  3. 3ERPOps begins scheduled polling — interval configurable per connector
  4. 4If your ERP sits behind a firewall requiring IP allowlisting, see the Network & Security guide for options

📖 Full step-by-step setup with field-level guidance is available in the admin app at app.erpops.ai/docs after sign-up.

Start Free Trial — configure your first connector