ml-connector
DeltekJAGGAER

Deltek and JAGGAER integration

Deltek Vantagepoint runs project accounting, firms, and the general ledger. JAGGAER runs sourcing, purchasing, and invoice automation. Connecting the two means the supplier and GL-account masters that live in Deltek feed JAGGAER, so procurement codes spend against real accounts, and the purchase orders and approved invoices captured in JAGGAER post back into Deltek as AP invoices without re-keying. ml-connector handles the different APIs and auth on each side and moves the data on a schedule you control. Because Deltek owns the chart of accounts, the GL stays authoritative there and is only read into JAGGAER for coding.

How Deltek works

Deltek Vantagepoint exposes firms (vendors and clients), contacts, employees, and projects through its Hub APIs, and AP invoices, AR invoices, journal entries, and GL accounts through its Accounting Transaction APIs, all REST over JSON. The base URL is tenant-specific in the form https://{company}.deltekfirst.com/{company}/api/, and authentication is OAuth 2.0 using the password grant, which must be explicitly enabled from version 5.0 on. Vantagepoint supports outbound webhooks through its Workflow system, but they fire on configured record-save events rather than a general event bus and carry no HMAC signature, so finance records are most reliably read by page-based polling. Purchase order REST endpoints are not clearly documented, so POs are treated as inbound from JAGGAER.

How JAGGAER works

JAGGAER ONE exposes suppliers, purchase orders, and invoices through its JAGGAER ONE Public API, a REST surface under the /j1p/api/public/ prefix on a tenant-specific subdomain such as https://acme.jaggaer.com. Authentication is OAuth 2.0 client credentials against a Keycloak OpenID Connect endpoint whose realm is J1p-integrations, returning a roughly one-hour bearer token. JAGGAER documents bidirectional sync of vendors, purchase orders, and invoices, reads GL accounts and chart-of-accounts data from the ERP for coding, and supports invoice import through the /ji/v1/invoices/ocr/ endpoint. Event-driven push is claimed but not publicly documented, so JAGGAER is treated as pull-only until professional services configures it.

What moves between them

Master data flows from Deltek into JAGGAER, and transactions flow from JAGGAER back into Deltek. ml-connector reads firms marked as vendors and the GL accounts from Deltek and writes them into JAGGAER as suppliers and coding accounts, so buyers raise requisitions against valid records. It also feeds active projects so spend can be tagged to the right engagement. In the other direction it reads approved invoices and purchase orders from JAGGAER and posts them into Deltek as AP invoices against the matching vendor, project, and GL account. The general ledger and chart of accounts stay authoritative in Deltek, so ml-connector only reads accounts into JAGGAER and never writes ledger structure back.

How ml-connector handles it

ml-connector stores both credential sets encrypted. On the Deltek side it requests a password-grant token from the tenant /api/token endpoint, supplying the consumer key, secret, database, and API user, and refreshes it using the refresh token before the hour expires. On the JAGGAER side it requests a client-credentials token from the hardcoded Keycloak realm J1p-integrations and refreshes it on the shorter token lifetime. It accepts the full instance URL for each system as a credential, since neither vendor publishes a shared host. Suppliers and GL accounts are mapped first, so every JAGGAER invoice line resolves to a Deltek vendor, project, and account that already exists. Because JAGGAER is treated as pull-only and Deltek webhooks are workflow-scoped with no signature, both sides are read by page-based polling on a schedule you set. Neither API documents an idempotency header, so ml-connector dedups JAGGAER invoices on the supplier invoice number and queries Deltek by invoice number before posting, which avoids double-booking a re-read record. Deltek AP invoices may enter an approval workflow, so a flow can post them as drafts where the customer requires sign-off. Every record carries a full audit trail and can be replayed if a downstream call fails.

A real-world example

A 400-person architecture and engineering firm runs Deltek Vantagepoint for project accounting and the general ledger, and adopts JAGGAER to give project managers a controlled way to raise purchase orders and route supplier invoices for approval. Before the integration, an AP clerk rekeyed every approved JAGGAER invoice into Deltek as an AP voucher and manually maintained the supplier list in both systems, which slowed project billing and let the vendor masters drift apart. With Deltek and JAGGAER connected, the Deltek vendor and GL-account masters feed JAGGAER automatically, approved invoices and purchase orders flow back into Deltek coded to the right project and account, and the supplier records stay aligned. The rekeying step disappears and project costs post in the period they belong to.

What you can do

  • Push Deltek vendor firms and GL accounts into JAGGAER so procurement codes spend against valid records.
  • Post approved JAGGAER invoices into Deltek as AP invoices, matched to the right vendor, project, and account.
  • Carry JAGGAER purchase orders into Deltek so PO-to-voucher matching lines up across both systems.
  • Bridge the Deltek OAuth password-grant token and the JAGGAER Keycloak client-credentials token, with the tenant URL held for each side.
  • Poll on a schedule with supplier-invoice-number dedup, retries, and a full audit trail on every record.

Questions

Which direction does data move between Deltek and JAGGAER?
Both directions, by record type. Vendor firms and GL accounts move from Deltek into JAGGAER as suppliers and coding accounts, and approved invoices and purchase orders move from JAGGAER back into Deltek as AP invoices. The chart of accounts stays authoritative in Deltek, so ml-connector only reads accounts into JAGGAER and never writes ledger structure back.
How does the integration handle the two different OAuth schemes?
Deltek Vantagepoint uses an OAuth 2.0 password grant against the tenant /api/token endpoint and JAGGAER uses OAuth 2.0 client credentials against a Keycloak realm named J1p-integrations. ml-connector stores both credential sets encrypted, requests and refreshes each token on its own lifetime, and presents the right bearer token to each system. It also holds the tenant-specific URL for each side, since neither vendor publishes a shared host.
Does JAGGAER push invoices, or does ml-connector poll for them?
ml-connector polls. JAGGAER mentions an event-driven push mode but does not document it publicly, so it is treated as pull-only until JAGGAER professional services configures events, and Deltek webhooks are limited to workflow record-save events with no signature to verify. Because neither API documents an idempotency header, ml-connector dedups JAGGAER invoices on the supplier invoice number and checks Deltek by invoice number before posting.

Related integrations

More Deltek integrations

Deltek and Adobe CommerceDeltek and ADPDeltek and AdyenDeltek and AirbaseDeltek and Amazon Seller CentralDeltek and AnaplanDeltek and SAP AribaDeltek and AsanaDeltek and AvalaraDeltek and AvidXchangeDeltek and BambooHRDeltek and Basware

Other systems that connect to JAGGAER

Acumatica and JAGGAERDATEV and JAGGAERMicrosoft Dynamics 365 Business Central and JAGGAERMicrosoft Dynamics 365 F&O and JAGGAERMicrosoft Dynamics GP and JAGGAERMicrosoft Dynamics NAV and JAGGAEREpicor Kinetic and JAGGAERExact Online and JAGGAERFreshBooks and JAGGAERIFS Cloud and JAGGAERInfor CloudSuite and JAGGAERSage Intacct and JAGGAER

Connect Deltek and JAGGAER

Free to use. Add your credentials, ping your real systems, and see if we fit.

Get started