Earlier this week, SAP announced updates to its policy for the use of SAP APIs. It didn’t take long for customers to express their concern on the SAP Community pages and LinkedIn. This reaction is understandable, as SAP is telling customers they cannot use certain features anymore. It appears that ongoing practices are now considered non-compliant. The changes were introduced with limited notice and without a clear, immediate benefit for customers.
The question is, though, what does SAP’s new directive mean for customers? The answer to that is, I’m afraid, the new policy is likely to have far-reaching consequences, both for customers and for third-party software vendors.
Below is my understanding of the updated policy. I expect the legal departments will be very busy over the next few days to help customers and vendors understand what it actually means for them.
Disclaimer: I’m not a lawyer, and this isn’t legal advice. This article reflects my understanding and interpretation only—you should always validate with SAP and/or your legal advisers before acting on it.
What policy has changed?
The title of the policy is simply ‘SAP API Policy’. You can find it here on SAP’s website. It’s not a long article and uses plain language. It boils down to this:
You may only use SAP Published APIs and SAP‑endorsed data access mechanisms, and only for their documented purposes.
This potentially means that many customers will need to rethink how they ingest SAP data into their data platforms. Let’s look at the most common ways customers ingest SAP data today, and what the new policy means for each.
- Third-party products (Fivetran, Qlik, Theobald, SNP Glue, etc.)
It depends. Some connectors may need to adapt. Customers should look to their vendors for clarification; vendors are likely to publish an updated position soon.
- CDS views
This is the tricky part. My understanding is that you are still compliant if you use SAP-delivered CDS views, specifically enabled for extraction.
- ODP Framework
ODP was designed for large-scale data extraction and, over OData, is specifically endorsed in the infamous Note 3255746. The ODP mechanism for OData is effectively creating a custom interface used for large-scale replication, which is not compliant with the new API policy. At the time of writing, Note 3255746 was not available on the SAP website. I expect the wording will be updated in the next few days.
- SAP SLT and SAP Data Services
Both are SAP products, and the use case of extracting data at scale is documented by SAP. Use of these products remains compliant. While their use remains compliant, both Data Services and SLT are legacy products and have little value in a modern data architecture.
- SAP Business Data Cloud (SAP BDC)
Welcome to the future. Although the API Policy doesn’t specifically refer to SAP BDC, it is clear that SAP regards SAP BDC as the only compliant way to expose data to third-party data platforms. SAP has invested a lot of time to create better integration with Snowflake, Databricks, Microsoft Fabric and the Google Cloud Platform. How seamless the experience is depends on the platform, although over time I expect that every platform (including AWS) will have some form of seamless integration through zero-copy cloning. That is great, but there are a few reasons why customers are not jumping with joy just yet: implementing BDC is a significant change to customers’ data architecture and requires considerable effort; it might make the landscape more complex instead of simplifying it; and SAP BDC—specifically the integration with third-party cloud platforms—is still new or a work in progress for some platforms, which comes with its own risks. There is also, of course, the question of cost. SAP BDC represents a broader proposition than simply extracting data from SAP, encompassing governance, security, shared semantics and data products, and deeper integration across the data landscape—all of which need to be considered alongside pricing.
Action is needed
Customers using third‑party ingestion tools should look out for updates from their vendors, as some connectors may need to change.
If you are using OData interfaces, now is the time to talk to SAP. Rather than pulling the plug immediately, SAP’s likely approach is to agree a transition roadmap toward compliance—most likely centred on SAP Business Data Cloud (BDC).
And if your landscape still relies heavily on legacy tools such as Data Services or SLT, this may be the catalyst to modernise. These platforms often stand in the way of faster, more flexible access to SAP data.
We’ll keep tracking updates from SAP and the ecosystem and will continue to publish follow-up posts as new information emerges. Follow the blog if you’d like to stay informed.
