Skip to main content

Celonis Product Documentation

Additional cloud based sources

Important

Any references to third-party products or services do not constitute Celonis Product Documentation nor do they create any contractual obligations. This material is for informational purposes only and is subject to change without notice.

Celonis does not warrant the availability, accuracy, reliability, completeness, or usefulness of any information regarding the subject of third-party services or systems.

Using pre-built extractor templates, you can connect your Celonis Platform team to a number of cloud based source systems. By using the extractor templates to create a data connection in your data pool, you can efficiently connect to the system, configure and execute your extraction and transformation tasks, and then model the selected data.

To learn how to use the following extractor templates, see: Connecting data sources.

Allowlisting Celonis domain names, IP addresses and third party domains

When configuring your connections between the Celonis Platform and your cloud based source systems, you may need to allowlist the Celonis domain names and IP addresses. For more information, see: Allowlisting domain names and IP addresses

When configuring your Amazon S3 connection, the following authentication methods, endpoints, and further information are available:

Authentication method

The Amazon S3 REST API requires you to provide an access key ID and a secret access key in order to connect to the Celonis Platform.

You can create both access key ID and the secret access key in the My Security Credentials of your Amazon S3 instance. When creating these assets, you should assign the following permissions:

  • s3:GetBucketAcl

  • s3:GetObject

  • s3:ListBucket

  • ACL: bucket-owner-full-control (if writing files to the S3 bucket from an external location)

A JSON example of these permissions is:

{
    "Version": "2023-11-30",
    "Statement": [
        {
            "Sid": "Celonis S3 Extractor",
            "Effect": "Allow",
            "Principal": {
                "AWS": "<THE ARN OF YOUR IAM USER>"
            },
            "Action": [
                "s3:GetBucketAcl",
                "s3:GetObject",
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::<YOUR BUCKET>",
                "arn:aws:s3:::<YOUR BUCKET>/*"
            ]
        }
    ]
}
Available endpoints

For a full list of available endpoints for Amazon S3, see: Amazon S3 API Reference.

Further information

When connecting to Amazon S3, note the following points:

  • Table schema: There are two ways to get your files in the Amazon S3 bucket translated into a table structure:

    • Add specific files to an extraction. In this case, each file will result in a corresponding table with the table name matching the file name.

    • Add a complete folder to an extraction. In this case, all files in the folder are combined into one table, with the table name matching the folder name. This method requires all files in the folder to conform to the same schema and file type.

  • Filtering and delta loads: Filtering is not supported for S3 extraction. Therefore, there are no delta filters. You can execute your extraction as full loads or as delta loads. For full loads, the extraction will replace existing tables. For delta loads, it will append the records to the existing tables.

  • Data access: The Celonis Extractor performs read-only operations on your S3 bucket. No writing changes (such as updates and deletions) will be performed during the extraction process.

  • Security: Transfer of the data from S3 to the target system is secured through HTTPS, which allows for an encrypted exchange of information.

  • Supported file types: CSV, JSON, and Parquet.

When configuring your Bamboo connection, the following authentication methods, endpoints, and further information are available:

Authentication method

The Bamboo REST API uses basic authentication. To connect to your Bamboo instance, you need to provide a username and password.

Available endpoints

The default Bamboo extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

Build plan

Retrieve data about build plans.

GET

Build branch

Retrieve data about build branches.

GET

Build result

Retrieve data about build results.

GET

Deployment project

Retrieve data about deployment projects.

GET

Deployment environment

Retrieve data about deployment environments.

GET

Deployment result

Retrieve data about deployment results.

GET

Redeployment version

Retrieve data about redeployment versions.

Further information

For further information about Bamboo and their REST APIs, see: Bamboo Documentation - REST APIs.

When configuring your Bitbucket Cloud connection, the following authentication methods, endpoints, and further information are available:

Authentication methods

The Bitbucket Cloud REST API uses basic authentication or OAuth2:

  • Basic authentication: Provide a username and password.

  • OAuth2: Provide a client ID and client secret.

For both authentication methods you must also supply the project and repository name as parameters.

Available endpoints

The default Bitbucket Cloud extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

Branches

Retrieve data about branches.

GET

Commits

Retrieve data about commits.

GET

Hooks

Retrieve data about hooks.

GET

Pull Requests

  • Pull Request Activity

  • Pull Request Commits

Retrieve data about pull requests.

GET

Tags

Retrieve data about tags.

Further information

For more information about Bitbucket Cloud, see: Bitbucket Cloud Documentation - REST APIs.

When configuring your Conexiom connection, the following authentication method, endpoints, and further information are available:

Authentication method

Conexiom REST API uses the OAuth 2 authentication method. To establish a connection to Conexiom, you must provide the following information:

  • API URL

  • HubCo ID

  • OAuth2 fields: Username, password, client ID, and client secret.

Available endpoints

The default Conexiom extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

Alerts

List of all Alerts for the given HubCo.

GET

Alert per Document

Information about one specific Alert per Alert ID.

Depends on endpoint: Alerts

GET

SpokeCos per HubCo

List of all SpokeCos for the given HubCo.

Request parameter: lastModifiedFromDate (for Delta Filter)

GET

Documents per SpokeCo

List of all Documents for the given SpokeCo ID.

Depends on endpoint: SpokeCos per HubCo

Request parameter: ProcessedOnFromDate (for Delta Filter)

GET

Document Data

Information about one specific Document per Document ID.

Depends on endpoint: Documents per SpokeCo

GET

Filelist

List of all files for the given Document ID.

Depends on endpoint: Documents per SpokeCo

GET

Buyers

List of all buyers for the given SpokeCo ID.

Depends on endpoint: SpokeCos per HubCo

GET

Addresses

List of all addresses for the given SpokeCo ID.

Depends on endpoint: SpokeCos per HubCo

GET

SpokeCos

Information about one specific SpokeCo per SpokeCo ID.

Depends on endpoint: SpokeCos per HubCo

Further information

For further information about Conexiom, see: Conexiom Knowledge Base.

When configuring your Confluence Cloud connection, the following authentication methods, endpoints, and further information are available:

Authentication methods

The Confluence Cloud REST API uses basic authentication or OAuth2:

  • Basic authentication: Provide a username and password.

  • OAuth2: Provide a client ID and client secret.

For both authentication methods you must also supply the project and repository name as parameters.

Available endpoints

The default Confluence Cloud extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

Audit records

Retrieve data about audit records.

GET

Audit retention period

Retrieve data about audit retention periods.

GET

Blueprint templates

Retrieve data about blueprint templates.

GET

Content

  • Content history

  • Content attachments

  • Content children

  • Content descendents

  • Content comments

  • Content labels

  • Content properties

  • Content restrictions

  • Content versions

Retrieve data about content.

GET

Content templates

Retrieve data about content templates.

GET

Groups

  • Group members

Retrieve data about groups.

GET

Themes

Retrieve data about themes.

GET

Spaces

  • Space content

Retrieve data about spaces.

Further information

For further information about Confluence Cloud's REST API, see: Confluence Cloud - API Documentation.

When configuring your EcoVadis connection, the following authentication method, endpoints, and further information are available:

Authentication method

The EcoVadis REST API uses OAuth2 authentication:

  • OAuth2: Provide a username, password, client ID, and client secret.

Available endpoint

The default EcoVadis extractor allows you to call this endpoints:

Method

Endpoint

Description

GET

EV data

Retrieve sustainability ratings and ESG data for suppliers

Further information

For further information about EcoVadis, see: EcoVadis Help Center.

When configuring your Gmail connection, the following authentication method, endpoints, and further information are available:

Authentication method

The Gmail REST API uses the OAuth2 authentication method, requiring you to provide a username, password, client ID, and client secret. To access these, you must complete the following steps in your Google Workspace:

  1. Create a Google Cloud project, see: Google Workspace - Create a Google Cloud project.

  2. Enable the Gmail API for the project created in step 1, see: Google Workspace - Enable Google Workspace APIs.

  3. Configure the OAuth consent, see: Google Workspace - Configure the OAuth consent screen and choose scopes.

  4. Create access credentials, see: Google Workspace - Create access credentials.

    When prompted to add a redirect URL, use the following:

    https://auth.redirect.celonis.cloud/extractor_redirect
  5. Create a connection to your Gmail account in your Celonis Platform data pool. See: Connecting data sources.

Available endpoints

The default Gmail extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

Calendar List

Retrieve data about the calendar.

GET

Events

Retrieve data about events in the calendar.

GET

Settings

Retrieve data about settings.

Further information

For further information about Gmail's REST API, see: Google Workspace - Gmail API Overview.

When configuring your Google Calendar connection, the following authentication method, endpoints, and further information are available:

Authentication method

The Google Calendar REST API uses the OAuth2 authentication method, requiring you to provide a username, password, client ID, and client secret. To access these, you must complete the following steps in your Google Workspace:

  1. Create a Google Cloud project, see: Google Workspace - Create a Google Cloud project.

  2. Enable the Google Calendar API for the project created in step 1, see: Google Workspace - Enable Google Workspace APIs.

  3. Configure the OAuth consent, see: Google Workspace - Configure the OAuth consent screen and choose scopes.

  4. Create access credentials, see: Google Workspace - Create access credentials.

    When prompted to add a redirect URL, use the following:

    https://auth.redirect.celonis.cloud/extractor_redirect
  5. Create a connection to your Gmail account in your Celonis Platform data pool. See: Connecting data sources.

Available endpoints

The default Google Calendar extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

Calendar List

Retrieve data about the calendar.

GET

Events

Retrieve data about events in the calendar.

GET

Settings

Retrieve data about settings.

Further information

For further information about Gmail's REST API, see: Google Workspace - Gmail API Overview.

When configuring your Google Sheets connection, you need to supply the URL of the Google Sheet you wish to connect.

Your Google Sheet URL will be in the following format:

https://docs.google.com/spreadsheets/d/ACCOUNT-SHEETID/edit?usp=sharing

When configuring your Greenhouse connection, the following authentication method, endpoints, and further information are available:

Authentication methods

The Greenhouse REST API uses OAuth 2 authentication, requiring you to provide an API URL, username, password, client ID, and client secret. To do this, the user profile must have API credentials access enabled in the Developers Permissions area.

With API credentials access, the user can then access Configure - Dev Center - API Credential Management.

Available endpoints

The default Greenhouse extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

EV Data

Retrieves sustainability ratings and ESG data for suppliers.

GET

List Applications

List all of an organization’s applications.

GET

List Approvals For Job

List all of a job’s approval flows.

GET

List Candidates

List all of an organization’s candidates.

GET

List Close Reasons

List all of an organization’s close reasons.

GET

List Job Openings

List all of a job’s openings.

GET

List Job Posts

List all of an organization’s job posts.

GET

List Jobs

List all of an organization’s jobs.

GET

List Scheduled Interviews

List all of an organization’s scheduled interviews.

GET

List Scorecards

List all of an organization’s scorecards.

GET

List Sources

Lists an organization’s sources, grouped by strategy.

Further information

For further information, see: Greenhouse Help - Harvest API.

When configuring your Happyfox connection, the following authentication method, endpoints, and further information are available:

Authentication method

The Happyfox REST API uses basic authentication. To connect to your Happyfox instance, you need to provide a username and password.

Available endpoints

The default Happyfox extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

Canned actions

Retrieve data about canned actions.

GET

Contact groups

Retrieve data about contact groups.

GET

Knowledge articles

Retrieve data about knowledge articles.

GET

Knowledge sections

Retrieve data about knowledge sections.

GET

Staff

Retrieve data about staff.

GET

Ticket categories

Retrieve data about ticket categories.

GET

Ticket custom fields

Retrieve data about custom fields.

GET

Ticket priorities

Retrieve data about ticket priorities.

GET

Ticket statuses

Retrieve data about ticket statuses.

GET

Tickets

Retrieve data about tickets.

GET

User custom fields

Retrieve data about user custom fields.

GET

Users

Retrieve data about users.

Further information

For further information about Happyfox APIs, see: Happyfox Support - Developers - APIs.

When configuring your Ironclad connection, the following authentication method, endpoints, and further information are available:

Authentication method

The Ironclad REST API uses a bearer token for authentication. For more information about the bearer token, see: Ironclad Developer - Bearer Authentication.

Available Endpoints

The default Ironclad extractor allows you to call these endpoints:

Method

Endpoint

Description

GET

Active workflows

Active workflows - approvals

Retrieve data about active workflows.

GET

Canceled workflows

Canceled workflows - approvals

Retrieve data about canceled workflows.

GET

Completed workflows

Completed workflows - approvals

Retrieve data about completed workflows.

GET

Paused workflows

Completed workflows - approvals

Retrieve data about paused workflows.

GET

Records

Retrieve data about records.

Further information

For further information about the Ironclad REST API, see: Ironclad - Developer - API.

Authentication method

The Jira Cloud REST API uses basic authentication. To connect to your Jira Cloud instance, you need to provide your instance URL, and a username and password.

Tables and columns

The following tables and their related APIs are available:

Table

API

applicationProperties

/rest/api/2/application-properties

applicationRole

/rest/api/2/applicationrole

board

/rest/agile/1.0/board

board$backlog

/rest/agile/1.0/board/%s/backlog

board$epic

/rest/agile/1.0/board/%s/epic

board$issue

/rest/agile/1.0/board/%s/issue

board$spring

/rest/agile/1.0/board/%s/sprint

board$version

/rest/agile/1.0/board/%s/version

configuration

/rest/api/2/configuration

dashboard

/rest/api/2/dashboard

field

/rest/api/2/field

groups

/rest/api/2/groups/picker

issue

/rest/api/2/search

issueLinkType

/rest/api/2/issueLinkType

issueSecuritySchemes

/rest/api/2/issuesecurityschemes

issueType

/rest/api/2/issuetype

notificationScheme

/rest/api/2/notificationscheme

permissionScheme

/rest/api/2/permissionscheme

project

/rest/api/2/project/search

projectCategory

/rest/api/2/projectCategory

projectType

/rest/api/2/project/type

resolution

/rest/api/2/resolution

role

/rest/api/2/role

serverInfo

/rest/api/2/serverInfo

status

/rest/api/2/status

statuscategory

/rest/api/2/statuscategory

user

/rest/api/2/user/search?username=.

workflow

/rest/api/2/workflow

Columns

The following column types are supported by the Jira extractor:

  • Any

  • Array

  • Date

  • Datetime

  • Number

  • Option

  • Option-with-child

  • String

  • User

  • Version

For all other column types, you must change the type from custom field to a string for it to be visible.

Further information
  • Data access: The extractor performs read-only operations on your Jira data. No writing changes (like updates, deletions) will be performed at any time during the extraction process.

  • Security: Transfer of the data from the Jira system to the Celonis Platform is secured through HTTPS, which allows for an encrypted exchange of information.

For further information about the Jira Cloud REST API, see: Atlassian Developer - REST API.

Limited Availability

This extractor is currently in limited availability mode and can be added to your Celonis Platform environment by request only.

To request access to this extractor, please create a support ticket on Celopeers.

When configuring your SAP Concur connection, the following authentication method, endpoints, and further information are available:

Authentication

To connect to SAP Concur, we recommend using OAuth 2.0. Before configuring the data connection in the Celonis Platform, you need access to an SAP Concur user with the necessary permissions extract data to external systems.

To configure your SAP Concur user, refer to the OAuth2.0 Application Management documentation here: SAP Help Portal - SAP Concur

Available endpoints

The Celonis extractor uses the standard REST API of SAP Concur. For more information, see: SAP Concur Developers Center.

SAP Concur data access

The Celonis Extractor performs read-only operations on your SAP Concur data. No writing changes (like updates, deletions) will be performed at any time during the extraction process.

SAP Concur source system impact

The Celonis Extractor is bound to the API call limits applied by SAP Concur, guarding the system from any performance issues.

Transfer of the data from the SAP Concur system to the target system is secured through HTTPS, which allows for an encrypted exchange of information.

When configuring your Zendesk connection, the following authentication methods and further information are available:

Authentication methods

The Zendesk REST API uses basic authentication or OAuth2:

  • Basic authentication: Provide a username and password.

  • OAuth2: Provide a client ID and client secret. These require you to create an API token in your Zendesk account by clicking Admin - Settings and then enabling Token Access.

For both authentication methods, you must provide your Zendesk realm. This should be provided in the following format:

https://[companyName].zendesk.com
Further information

When connecting to Zendesk, note the following points:

  • Data access: The Celonis Extractor performs read-only operations on your Zendesk data. No writing changes (like updates, deletions) will be performed at any time during the extraction process.

  • Source system impact: The Celonis Extractor is bound to the API call limits applied by Zendesk, guarding the system from any performance issues. That means that each extraction is limited to 1,000 entries per table.

  • Security: Transfer of the data from the Zendesk system to the target system is secured through HTTPS, which allows for an encrypted exchange of information.

  • Support REST API: The default Zendesk extractor uses the Support REST API provided by Zendesk. For more information, see: Zendesk - Support REST API.