SAP indirect access is the license violation that occurs when SAP customers allow third-party applications to communicate with SAP system data. When information between the SAP software and a third-party system is exchanged, it is labeled as “indirect” and breaches the terms of a traditional user license.
The use of the SAP platform is based on a “Named User” licensure system. According to SAP’s System Measurement Guide, a named user is “an employee of a customer, of its affiliated companies, or of third-party companies authorized to access the licensed software directly or indirectly, regardless of the technical interface chosen.” The line is crossed into indirect access when a person not identified as a named user loads, executes actions into or accesses the software.
If a customer wishes to utilize SAP within third-party applications outside of a read-only scope, they become liable to additional licensing fees or become vulnerable to paying fines. To avoid potential indirect access lawsuits, SAP customers should understand the user agreement and its implications, limit the use of interfaces with real-time information updates and accurately map application architecture.
SAP indirect access is the result of a high court ruling in February 2017 that came about when a long-time user of SAP, Diageo, was found to be responsible for SAP fees regardless of access being indirect or read-only. It was found that the staff of the alcoholic beverage company was responsible for double charges for accessing data through a SalesForce application that was not licensed as their SAP applications were. Diageo was ordered to pay license fees totaling £54,503,578 but was able to negotiate a private settlement.
Many companies licensing SAP services were worried about the ruling and carefully scrutinized their contracts to ensure they would not also be charged. By hiding settlement amounts, SAP is trying to avoid scaring away current customers. Concerned about loss of business from customers fearing extra charges, SAP announced the creation of a transparent pricing scheme for indirect access. The company is also offering consultations about indirect fees without back fees as another move to ease worries.
Examples of high-risk SAP indirect access situations
- Non-SAP online storefronts that utilize SAP software to place orders, track shipments, or transfer postings in real-time
- Mobile applications or IoT devices that are used to automate data entry into SAP software
- Non-SAP software with access to reading, modifying, updating or storing SAP data