should concur integration be setup with token or saml

AI generated answer (using internal Slack threads):

Based on the conversations, it seems that both SAML and Token Based Authentication (TBA) are used in different scenarios. SAML is often used for Single Sign-On (SSO) purposes. It works well with Azure AD and allows users to manage fewer passwords. It also helps with off-boarding users automatically, which is beneficial for audit purposes. However, there might be some issues with using the same SAML setup for production and sandbox environments. On the other hand, Token Based Authentication (TBA) is used for third-party integrations. Disabling login access for a user with assigned access tokens will break the integration. Therefore, it's common to assign each integration its own Integration Record and Integration Role, and then assign the access tokens to a single 'NS Integration' Employee record. In conclusion, whether to use SAML or TBA for Concur integration depends on the specific requirements of the integration. If the integration requires SSO, SAML might be a better choice. If the integration is purely for data exchange without the need for SSO, TBA might be more suitable. ****** Disclaimer: This response was generated by an artificial intelligence assistant based on previous conversations from multiple Slack channels, and may contain inaccuracies or mistakes. ******