SAP bans unauthorized external AI agents from accessing customer data
Updated
Updated · The Information · May 4
SAP bans unauthorized external AI agents from accessing customer data
5 articles · Updated · The Information · May 4
The German software group said customers could face throttling, suspension or termination of access, while CEO Christian Klein told analysts the curbs target mass data requests.
SAP says the policy protects application performance, semantic models and intellectual property, but customer advisers warn it could restrict companies’ ability to extract and analyse their own SAP-held data.
The move highlights a wider clash over AI agents as rivals including Salesforce, ServiceNow and Workday consider charging for such access, while SAP also faces pressure from customers using stronger third-party AI tools.
Is SAP's AI blockade a security necessity or a 'data war' tactic to force customers onto its proprietary AI platform?
Will SAP's new AI policy backfire, pushing major customers like Mercedes-Benz to accelerate their move away from its ecosystem?
The Impact of SAP’s 2026 API Restrictions on AI Access and Partner Ecosystem Viability
Overview
In late April 2026, SAP introduced a strict API policy banning integration with non-approved AI systems and large-scale data extraction to address security risks posed by autonomous AI agents. This change disrupts existing undocumented integrations, forcing organizations to adopt SAP-endorsed architectures like Change Data Capture and the Business Technology Platform, which come with trade-offs such as increased costs and vendor lock-in. While SAP provides security tools to manage AI governance, critics argue the policy limits flexibility and innovation, risking partner trust and pushing customers toward more open competitor platforms. The policy reflects a tension between ensuring system security and maintaining an open, innovative ecosystem.