Connecting to Coupa

Edit online

Coupa is a cloud based Business Spend Management platform that allows you to manage and analyze business spend across Procurement, Supply Chain & Finance.

To integrate Coupa with IBM watsonx Orchestrate, you need to establish a secure connection that enables both systems to communicate seamlessly. For general guidance on managing integrations, refer to Connecting apps for prebuilt agents.

Note:

The single sign-on (SSO) toggle is enabled only for supported OAuth 2.0 authentication types and applications. If the application does not support an SSO-enabled authentication type, the toggle remains disabled. For supported configurations, see Configuring single sign-on for applications.

Steps to connect

Use the following steps to connect Coupa to watsonx Orchestrate:

From the main menu, go to Manage > Security.

Important:
In IBM Cloud and the on-premises environment, use the Manage > Connections navigation path to access connections.
Click the Connections tab and search for the corresponding app name or the Coupa Connection ID.
Click Edit next to the matching connection ID.
Select the authentication method your organization uses.
Enter the Coupa‑specific fields. See Connecting apps for prebuilt agents page for general connection workflow.
Complete the Draft and Live setup steps.
Save the connection and test it to confirm that Coupa is successfully connected.

Authentication methods

Coupa supports the following authentication methods in watsonx Orchestrate:

OAuth2 Authorization Code: Recommended for production connections
Key Value Pair (KVP): Supported for API key–based and legacy scenarios

Note:

For agents created after September 2025, OAuth2 Authorization Code is the only supported authentication for Coupa.

Connection ID

Use the following Connection IDs when locating your Coupa connection in the Connections settings page. To understand how to search for a Connection ID and open a connection for editing, see Connecting apps for prebuilt agents.


Authentication type	Connection ID
OAuth2 Authorization Code	`coupa_ibm_184bdbd3`
Key Value Pair	`coupa_key_value_ibm_184bdbd3` (deprecated)

OAuth2 Authorization Code

If your organization uses OAuth‑based authentication, set Authentication type to OAuth2 Authorization Code and enter the following fields:


Field	Description
`server_url`	The base URL of your Coupa instance
`authorization_url`	The URL to redirect users for login and authorization
`token_url`	The endpoint to exchange the authorization code for an access token
`client_id`	Your Coupa application's client ID
`client_secret`	Your Coupa application’s client secret
`scope`	The permissions your app needs (for example `core.read core.write`) – refer to Coupa's documentation for valid scopes

To get these values, see the Coupa API documentation.

Key Value Pair

If your organization uses API keys or a legacy configuration, set Authentication type to Key Value Pair and add each of the following fields using Add new field:


Key	Description
`base_url`	The base URL of your Coupa instance
`token_url`	The URL used to obtain the OAuth token
`client_id`	Your Coupa application’s client ID
`client_secret`	Your Coupa application’s client secret

Note: When using Key Value Pair, only Team credentials are supported.

To get these values, see the Coupa API documentation.

What to do next

Now that your app connection is live, you can start using it in watsonx Orchestrate.

Run an agent in Orchestrate Chat to complete tasks using natural language. See Using Orchestrate Chat for more details.
Use relevant agents and tools to perform app-specific actions. See Prebuilt agents and Prebuilt tools for more details.