Integration Intelligence is the first application of the Graphmantix e360° EKG. It fuses SAP configuration with deep custom ABAP code analysis to build an audit-defensible inventory of every IDoc, RFC, SOAP, OData, ODP, RAP, and file flow in your landscape — including the integrations no configuration table ever knew existed. Classified for Clean Core compliance and SAP API Policy v4/2026 risk. Delivered in 2 weeks.
SAP has rewritten the rules governing how third parties — and AI agents — access SAP systems. Each shift carries its own deadline and its own audit liability.
SAP will deploy mandatory security patches that technically block all unauthorized ODP-RFC calls for SAP-to-non-SAP scenarios. Every replication pipeline, ETL connector, and bespoke extraction routine relying on ODP-RFC fails on day one. Approved alternatives — Table CDC, ODP OData, SLT, Business Data Cloud — require fundamental rearchitecting.
Third-party applications are explicitly prohibited from accessing internal, private, or undocumented SAP APIs — including the legacy RFCs and BAPIs the consulting community has relied on for decades. The burden of proof rests on the enterprise consumer to verify every integration endpoint qualifies as Published.
SAP prohibits its APIs from being used for “interaction with semi-autonomous or generative AI systems that plan, select, or execute sequences of API calls” outside SAP-endorsed pathways. The compliant path is the Agent2Agent (A2A) protocol — your AI agents formulate tasks; an SAP-internal agent executes them.
An autonomous AI agent that creates 10,000 purchase documents or invoices incurs Digital Access fees on every single creation event. Sales, Purchase, Invoice, Service & Maintenance, Manufacturing, Quality, and Time documents carry a 1.0× multiplier. AI strategy must couple to continuous financial modeling.
Which of your integrations rely on Non-Published APIs that v4/2026 prohibits? Which pipelines break the day ODP-RFC is blocked? What’s your Digital Access licensing exposure when AI starts creating documents at machine speed? Without a complete inventory, you cannot quantify exposure — and you cannot defend it under audit.
Most SAP environments accumulate hundreds — often thousands — of IDoc message types, RFCs, SOAP endpoints, OData services, ODP extractors, and file-based flows over decades of operation. The configuration lives scattered across SM59, WE20, SOAMANAGER, SICF, FILE, SPTH — and a great deal of it isn’t in configuration at all. It’s buried in Z-code. The platform builds a single, queryable graph from both sources.
Which Z-programs invoke deprecated interfaces? Which custom RFCs scrape SAP-internal tables in ways v4/2026 prohibits? Which programs open file handles to flat-file integration directories nobody documented? The platform parses ABAP source to find every CALL FUNCTION, HTTP_CLIENT, OPEN DATASET, and TRANSFER — classifies each endpoint by Clean Core Level (A/B/C/D), and ties each to a recommended target architecture.
e360° represents every integration in one canonical pattern. The graph holds the sender, the mechanism, the receiver, and the business object that flows through — with v4/2026 risk and Clean Core level overlaid on every edge.
| Mechanism | Configuration Source | Custom-Code Source | v4/2026 Risk |
|---|---|---|---|
| IDoc | WE20, WE21, WE60 | IDOC_OUTBOUND_* in Z-programs | Low |
| RFC / BAPI | SM59, SE37 | CALL FUNCTION ... DESTINATION |
High — Non-Published exposure |
| SOAP | SOAMANAGER | SOAP framework usage in Z-classes | Medium |
| OData / RAP | /IWFND/MAINT_SERVICE, SEGW | Service consumption via HTTP_CLIENT |
Low (Published path) |
| ODP / ODP-RFC | RSA1, BW Extractors | Extractor calls in BW & SLT chains | Critical — July 2026 block |
| File / DATASET | FILE, SPTH | OPEN DATASET, TRANSFER |
Medium — audit gap |
See your technical-debt blast radius before the next upgrade. Each endpoint placed on the spectrum SAP itself uses to scope its support, its modernization recommendations, and its commercial posture.
Public APIs, RAP services, BTP extensions. Upgrade-safe, future-proof, no developer effort to maintain.
Released objects and BAdIs in the S/4HANA core. Supported but tied to the in-stack release cycle.
Modifications to standard objects. Recoverable but requires effort on every upgrade.
Z-code that scrapes internal tables, undocumented RFC calls, unmanaged file flows. v4/2026 high-risk.
Every engagement leaves a complete operational model of your SAP system behind — queryable, MCP-served, ready for the next application.
Every IDoc, RFC, SOAP, OData, ODP, RAP, and file flow — with sender, receiver, mechanism, and business object on every edge.
The integrations no configuration table reveals — uncovered by parsing the ABAP source itself.
Published vs Non-Published. ODP-RFC deprecation. Section 2.2.2 exposure. Digital Access amplification model.
Legacy RFC → published RAP service. ODP-RFC → Table CDC or Business Data Cloud. Grounded in your actual usage.
Multi-hop traversals trace any business document back to its origin — distinguish human-created from EDI-inbound for Digital Access defense.
The EKG built for Integration Intelligence is the same engine your next migration, M&A, or AI initiative will run on.
Book a 20-minute call and we’ll walk through what an Integration Intelligence engagement looks like on your landscape.
Book a Call →