“According to SAP information, there should be a fair use model. However, the specific design is currently unclear and should be documented transparently in the API policy,” demands Bloch.
Another critical point is that SAP combines API use with clear technical and organizational requirements. In addition, the use of the interfaces is restricted for certain scenarios. This includes:
- undocumented purposes,
- systematic or large-scale data extractions as well
- the use in interaction with (semi-)autonomous or generative AI systems.
API use is only permitted here if it explicitly takes place in architectures or services provided by SAP.
“According to the information we have, existing customer integrations and authorized partner solutions are not affected,” says Stefan Nogly, DSAG Chief Technology Officer, giving the all-clear. However, he is of the opinion that this important protection for existing integrations that are tolerated by SAP should be explicitly recorded in the API policy.
Nogly points out that many user companies are already working on proof of concepts (PoC) and pilots based on the previous interpretation of API usage. “From the customer’s perspective, we see a significant need for clarification and adjustment – especially in order not to interrupt existing business-critical end-to-end processes or make them legally vulnerable.”
DSAG
More transparency and transition periods required
The SAP user group is particularly critical of the lack of transparency. It is neither clearly documented which APIs are specifically affected, nor is the extent clearly defined. “The question is which interfaces are used in the partner solutions,” says DSAG Chairman Hungershausen.
