If you run SAP ECC 6.0 (any EHP) and your business is asking for AI agents on your SAP data, the calendar is shorter than it looks. SAP mainstream support for ECC ends in 2027. SAP Joule does not support ECC. SAP API Policy v4.2026a §2.2.2 prohibits AI agents from talking directly to SAP APIs. That leaves you three choices — and only one doesn't require a full S/4HANA migration first.
Sources: SAP Maintenance and Support Policy, public adoption surveys reported in industry press, SAP API Policy v4.2026a (April 2026).
SAP API Policy v4.2026a §2.2.2 reads (excerpt):
"Except through and within the limits of SAP-endorsed architectures, data services, or service-specific pathways expressly identified and intended for such purposes, SAP prohibits API use for: (a) interaction or integration with (semi-)autonomous or generative AI systems that plan, select, or execute sequences of API calls, and (b) scraping, harvesting, or systematic and/or large-scale data extraction or replication."
Allowed: analysing data, supporting decisions, triggering individual defined API interactions. Not allowed: autonomous AI agents that plan, select, and execute sequences of API calls against SAP — unless they go through an SAP-endorsed architecture.
The carve-out is specific: architectures, data services, or service-specific pathways. AegisAI is the architecture leg of that carve-out.
Reality: S/4HANA migration projects run 12-36 months. Many ECC shops have a 2027 mainstream-support cliff and an S/4 migration plan in the same calendar. Joule is the SAP-sanctioned answer, but only for S/4.
The cost: your AI roadmap stalls until your migration completes. Competitors who don't run SAP ship AI features now.
Reality: 77% of AI-active SAP customers already use Copilot. Many integrations were built before the v4.2026a policy. They now violate §2.2.2 the moment the agent does any kind of multi-step planning.
The cost: contractual exposure to SAP, no audit story your security team can defend, and a fragile integration that breaks every time SAP updates an API.
What AegisAI does: sits between the AI agent and ECC. Propagates the end-user's SAP identity via Trusted RFC + STRUSTSSO2 + SNC (the BASIS-recommended pattern). Lets SAP's AUTHORITY-CHECK decide. Records every decision into a tamper-evident audit chain. No service-account masking, no policy violation.
The benefit: Your Copilot / ChatGPT / Claude agents keep working. Your security team gets an audit chain. Your compliance team gets §2.2.2 alignment. Your S/4 migration timeline doesn't change. And the same architecture survives the migration — AegisAI talks to S/4HANA, S/4 Cloud, and BTP-fronted endpoints with the same posture.
AEGIS_RFC) gets S_RFCACL for the AegisAI source system ID with Type = Trusted System; the end user's SAP identity flows via RFC_USER; SAP's AUTHORITY-CHECK evaluates against the end user's actual roles — not a service account.
BAPI_USER_GET_DETAIL, SUSR_GET_PROFILE_AUTH_OBJECTS, plus customer Z-RFCs through an explicit extension point. No undocumented endpoints, no reserved-namespace calls, no ODP large-scale extraction.
SELECT ... FOR UPDATE row-locked, integrity-probed. Every AI-agent call records the user, the intent, the SAP authority result, and the masked response — with cryptographic tamper evidence.
No. AegisAI runs in your Kubernetes cluster (or your AWS/Azure/GCP account in BYOC mode). Your data never leaves your environment. The AegisAI vendor sees aggregated telemetry only, not row-level data. The commercial models are: vendor-hosted Pilot (sandbox data only), self-hosted Helm in your k8s (the production model), or BYOC managed in your cloud account (premium tier).
Joule is SAP's first-party AI assistant for users inside the SAP UI. AegisAI is the control plane for AI agents accessing SAP data from outside the SAP UI — Copilot, ChatGPT, Claude, custom RAG pipelines. The two solve different problems. Most customers will run both: Joule for SAP-native moments, AegisAI for everything else. We have a Joule connector kit too; the architectural posture is the same as for Copilot.
You could. Many customers do. The trade-off is that the 9-stage pipeline we ship (rate limiting, request ceilings, JWT verification, identity propagation, adaptive trust, deterministic policy, parameterised query planning, MODE-gated execution, schema-driven response masking, HMAC audit chain) is meaningful engineering — roughly 12 person-months to replicate at production quality. You can build it; the question is whether building it is the highest-leverage use of your team's time given the 2027 calendar.
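The HMAC audit chain named in the pipeline list above, shown as a small sketch of the general technique. This is an added example, not AegisAI's code: the record layout, the genesis value and the out-of-band head MAC are assumptions for illustration, with the record fields taken from the page's description (user, intent, SAP authority result, masked response).

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed fixed value standing in for "no previous entry"

def entry_mac(key, seq, prev_mac, record):
    # Canonical JSON: identical records always serialise to identical bytes.
    body = json.dumps({"seq": seq, "prev": prev_mac, "rec": record},
                      sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def append(chain, key, record):
    """Add a record; its MAC covers its position and the previous entry's MAC."""
    prev = chain[-1]["mac"] if chain else GENESIS
    entry = {"seq": len(chain), "prev": prev, "rec": record}
    entry["mac"] = entry_mac(key, entry["seq"], prev, record)
    chain.append(entry)
    return entry["mac"]

def verify(chain, key, expected_head=None):
    """Return -1 if the chain is intact, else the index of the first bad entry.

    expected_head is the latest MAC kept outside the log store; without it a
    truncated tail still verifies. A head mismatch returns len(chain).
    """
    prev = GENESIS
    for i, e in enumerate(chain):
        good = entry_mac(key, i, prev, e["rec"])
        if e["seq"] != i or e["prev"] != prev or not hmac.compare_digest(good, e["mac"]):
            return i
        prev = e["mac"]
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return len(chain)
    return -1

def sample_chain(key):
    # Constructed sample decisions, not real SAP output.
    chain = []
    for user, intent, result, masked in [
        ("JDOE", "read vendor master", "ALLOW", "IBAN=****4821"),
        ("JDOE", "read payroll cluster", "DENY", ""),
        ("MLEE", "list open POs", "ALLOW", "42 rows"),
    ]:
        append(chain, key, {"user": user, "intent": intent,
                            "authority": result, "masked_response": masked})
    return chain
```

Chaining alone detects edited, deleted or reordered entries; detecting a truncated tail depends on keeping the latest MAC somewhere the log writer cannot rewrite, and the HMAC key must be unavailable to anyone who can modify the log.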
The published policy is final. SAP has acquired Dremio and Prior Labs (announced 2026) to build their own AI-data path, but those acquisitions don't close until late 2026 at the earliest, and the integrated product is 2-3 years out. The carve-out for "SAP-endorsed architectures" is the only currently-available legal path. If SAP eventually relaxes the policy or ships a Dremio-backed alternative, AegisAI's identity-propagation, audit, and policy-engine work stays useful as a defense-in-depth layer in front of whatever SAP ships.
SAP ECC 6.0 / EHP 8 customers in regulated industries (manufacturing, energy, financial services, pharma) whose security and compliance teams want a defensible audit story for AI access to SAP data, and whose business teams have a real AI use case they need to ship in 2026.
If you run SAP ECC and your AI agents need to access SAP data, the conversation we want is short: a 30-minute architecture review where we walk your BASIS engineer through the Trusted RFC pattern, your security team through the audit chain, and your business sponsor through the 14-day pilot. There's nothing to install for the review.
Source notes. SAP API Policy v4.2026a quoted from the version-of-record published April 2026; full citation in whitepaper §9. Adoption figures (77% / 3%) are widely-reported industry estimates as of Q2 2026; we do not claim them as SAP-published numbers. The ECC support timeline is per SAP's published maintenance policy. AegisAI's architectural alignment with the emerging SAP + BTP + Agentic AI Reference Architecture pattern (AI Control & Mediation Layer with Policy Enforcement, Orchestration & Guardrails, Observability & Audit) is by independent convergence; we recognised the same problem shape and arrived at the same answer.