Skip to main content



Coupa Success Portal

Link Risk Assess Users to Coupa Account


The Link CRA Instance with CE feature is a super admin tool that links Risk Assess users to a Coupa account. This feature allows for single-sign-on (SSO) functionality for users of both Coupa and Risk Assess.

To use this feature, you must be a Risk Assess administrator.

Run the Link CRA Instance with CE tool

CRA - Link Instance with CE.png

To configure SSO for Risk Assess users, log into Risk Assess as a Super Admin and go to Coupa SuperUser Functions. Click Link CRA Instance with CE.

CRA - Link Risk Assess.png

Complete the following fields:

Field Description
Select Tenant Select the CRA tenant to be linked for SSO.
Enterprise URL

Enter the Coupa Enterprise URL, paying close attention to formatting.

Enterprise Instance Name

Enterprise Instance Name should match the first part of the URL. Following the example above, your instance name should look like this:

  • example-instance1

When you have completed the fields, click Save.

If you see that you entered either field incorrectly, you may now update it and click Update. Please note that the Update button should only be used before you click Create SSO Client in CE. See the Troubleshooting section if you discover an error after you created an SSO Client in Coupa Enterprise.

Now, click Create SSO Client in CE when you are sure the information you entered is correct. Wait for the browser to stop loading before you leave this page.

Create SSO Client in CE.png

When you successfully create an SSO client in Coupa Enterprise, Client ID saved in Enterprise and SSO URL saved in Enterprise fields will update.

CRA - Client ID and SSO URL.png

Connect Coupa and Risk Assess ID

A Coupa Enterprise username needs to be entered into the Risk Assess User Management page to connect the two IDs. To complete this go to Admin > User Management.

CRA - User Management.png

Select the appropriate user > go to Detail and fill in the Coupa Username field with the user’s Coupa Login name created by Customer Support.

The Coupa Enterprise Login field and the Risk Assess Coupa Username field must match for the configuration to be successful.

Coupa Login Risk Assess Coupa Username
username-screenshot-enterprise.png demo-user-RA.png

After all these steps are complete, SSO is now configured for the user. These steps must be repeated for each user.


  • A prerequisite for SSO to work is that the user must be able to log into Risk Assess. SSO configuration will not work if that user cannot log in.

  • If a user cannot log into Risk Assess, log into Coupa and go to Setup > Company Setup > Users > Select the user. Under User Details, the Login field must match the Coupa Username field in Risk Assess.

Coupa - Login field.png

In Risk Assess, go to Admin > User Management > Select the user. Under Detail you will see the Coupa Username field. This must match the user’s Login field in Coupa Enterprise.

CRA - Coupa Username.png

  • The Enterprise URL must be entered exactly as displayed. It must not contain a forward slash at the end.

  • If your Enterprise URL is entered incorrectly, Delete your entry follow the steps to create your SSO client once again. This will create a new Client ID that will allow you to configure your SSO client successfully.

  • To verify if your entry is correct, go the Coupa Support page > Scroll down to Coupa Risk Assess (CRA) Configurations > Select and Copy the Risk Assess Server URL to a text editor.

Now, go to Setup > Company Setup > Open Connect Clients > Find the corresponding Identifier for your SSO entry. Compare the Redirect Uri to the Risk Assess Server URL you copied earlier. These two URLs should match exactly, including capitalization.

  • Was this article helpful?