SAP updated its API policy on April 27, 2026, to explicitly prohibit the use of SAP APIs for “interaction or integration with (semi-)autonomous or generative AI systems that plan, select, or execute sequences of API calls,” according to ResultSense, citing reporting from The Register. The policy also bans “scraping, harvesting, or systematic and/or large-scale data extraction or replication” except through SAP-endorsed routes.

The practical effect: AI agents from tools like Claude Code, Cursor, and ChatGPT can no longer access SAP systems autonomously unless they integrate through SAP’s own ecosystem, including its Joule AI assistant and endorsed partner architectures.

Consultant and Partner Reaction

Independent SAP consultant Marian Zeis told The Register the change is “more restrictive than the community expected” and could push partners and customers to undocumented APIs because SAP is “pretty slow” to publish or improve templates for documented ones.

Alisdair Bach, head of SAP practice at consultancy Dragon ERP, offered a counterpoint to The Register: “AI-driven agents can probe weak access points far faster than any human ever could. In that environment, loose integration patterns are not just inefficient. They are vulnerable.”

The consulting community’s broader concern, as reported by ResultSense, is that the policy bundles AI-vendor competition into a security wrapper. The practical outcome is that customer data inside SAP becomes accessible only to AI tools SAP has endorsed, including its own.

What SAP Says

SAP CEO Christian Klein, on last week’s investor call, said the company wants to keep its platform open, including for third-party AI agents, but reserved the right to throttle “millions of calls coming towards an API” for stability reasons, according to ResultSense. “The IP of SAP, the domain know-how is something we will make available to our customers, but [is also] something which is a great asset to protect,” Klein said.

SAP characterized the policy as clarifying “design-intended use” and protecting platform stability.

Enterprise IT Implications

SAP runs the operational backbone of thousands of enterprises globally. For IT teams deploying multi-agent strategies across cloud vendors, this policy creates immediate friction. An AI agent that can autonomously query Salesforce, ServiceNow, and AWS cannot do the same with SAP data without routing through SAP-endorsed channels.

The timing is notable. Salesforce launched Agentforce Operations on April 29, extending autonomous agents to back-office processes. Google formalized its Agentic Enterprise strategy at Cloud Next 2026. Microsoft just open-sourced its Agent Framework. Each is building agent-native interfaces. SAP’s response is to restrict which agents get access at all.

For enterprises running SAP alongside these platforms, the policy forces a choice: route agent workflows through SAP’s endorsed tooling, or risk policy violations by using unsanctioned integration patterns. The consultant community expects other enterprise software vendors to follow with similar restrictions as agent access becomes an operational necessity.