SAP user group slams 'uncertainty' in ERP giant's API policy

Summary

SAP has updated its API and data access policies, restricting development to SAP-endorsed architectures, data services, or specific service pathways. This change has introduced significant uncertainty regarding the continued use of custom developments and legacy function modules.

Key Points

• Development is now restricted to "SAP-endorsed architectures, data services, or service-specific pathways."
• The SAP API Hub serves as the official registry for approved interfaces, though critics report the list is not consistently maintained or up-to-date.
• The policy aims to standardize integration patterns to support the growth of AI-driven automation and cloud-standard practices.
• There is significant ambiguity regarding the authorization status of SAP function modules when used for custom-built solutions.

Technical Details

The updated policy mandates that all integrations and new developments must adhere to "design-intended use" of SAP interfaces. This involves utilizing approved integration patterns and the SAP API Hub to ensure system stability and data protection. A primary technical concern involves the status of SAP function modules; while these modules technically function as APIs, the new policy does not explicitly clarify which modules remain within the authorized scope for custom-built programs. SAP maintains that these updates are necessary to manage the increased load from automation and AI-driven access while ensuring the security of shared enterprise platforms. However, the potential for SAP to revoke the "white-listing" of APIs within the API Hub introduces a risk of breaking changes for existing custom-coded integrations.

Impact / Why It Matters

Developers face increased risk when building AI-driven tools or third-party integrations that rely on non-standardized SAP interfaces. The lack of clarity regarding which APIs are permitted may prevent the deployment of new projects and the continued use of legacy custom developments.