Sunday, December 28, 2025

SharePoint Online + Acumatica Integration Architecture (Using SPFx & OAuth2)

Modern SPFx + OAuth2 + Acumatica ERP Integration

Integrating SharePoint Online with Acumatica ERP allows organizations to bring core ERP data—such as Stock Items, Customers, Vendors, Sales Orders, and Cases—directly into a modern SPFx web part. This post shows how authentication, tokens, and data flows work together in a secure enterprise-ready design.

🌐 High-Level Architecture

The following diagram shows the full end-to-end architecture:


Figure 1 — SharePoint–Acumatica Integration Architecture

1️⃣ Solution Overview

The SPFx web part enables users to:

  • Filter and browse Acumatica entities
  • Select entity items and display fields in real time
  • Optionally save entity fields into a SharePoint list
  • Work with either cached or live ERP data

2️⃣ Architecture Components

🔹 SharePoint Online

  • Hosts SPFx UI
  • Stores selected entity data in lists
  • Authenticates via Microsoft Entra ID (MSAL)

🔹 SPFx Web Part

  • React-based UI
  • Calls backend API using access token
  • Stores access + refresh tokens
  • Displays live or saved Acumatica data

🔹 Integration API (Azure Function / App Service)

  • Handles authentication to Acumatica
  • Stores and refreshes tokens
  • Executes REST calls securely

🔹 Acumatica ERP

  • Exposes REST API
  • Supports OAuth2 & Azure AD SSO
  • Returns requested entities

3️⃣ Authentication Flows

Three authentication models can be used depending on business and security needs.

🔵 Flow A: Service Account (Admin Credentials)

A backend service account authenticates to Acumatica and returns ERP data to SharePoint. This is easiest for read-only, system-level operations.

🟢 Flow B: User Credentials (OAuth 2.0 Authorization Code)

Users enter their Acumatica credentials. Access token is issued per user, respecting their permissions in Acumatica.

🟣 Flow C: Azure AD SSO (Recommended)

Provides seamless login between SharePoint and Acumatica using the same Entra ID identity.

4️⃣ Token Lifecycle

SPFx stores and uses the following:

  • Access Token
  • Refresh Token
  • Expiry Time

When the access token expires, the refresh token is used to obtain a new one automatically. No user interaction needed.

5️⃣ Data Delivery Modes

🔹 Local Mode (Cached Data)

  • Selected entity fields saved in SharePoint list
  • Fast page load
  • Best for stable master-data

🔹 Live Mode (Real-Time API Calls)

  • Data fetched from Acumatica on every page load
  • No duplication of ERP data in SharePoint
  • Ideal for dynamic data (orders, quantities, QC updates)

6️⃣ High-Level Data Flow

  1. User opens the SharePoint page
  2. SPFx authenticates using MSAL
  3. SPFx queries the Integration API
  4. API manages token lifecycle
  5. Acumatica returns requested entity data
  6. SPFx outputs or stores the data

7️⃣ Why This Architecture Works

  • Secure (OAuth2 + Azure AD)
  • No credentials stored client-side
  • Supports real-time and cached modes
  • Scalable using Azure Functions
  • Works with enterprise SSO

Part 1 - Acumatica Files -> SharePoint DMS Integration

Part 2 - SharePoint DMS -> Acumatica Files Integration
Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)