As enterprises accelerate digital transformation, the concept of indirect access in SAP systems has become increasingly complex and consequential. With SAP platforms now interfacing seamlessly with CRM tools, e-commerce portals, IoT sensors, and RPA bots, the question of who or what requires a license is critical. Misunderstanding these rules has led to costly litigation and retroactive licensing fees, as demonstrated in the Diageo and AB InBev cases. Despite the introduction of SAP’s Digital Access model to address this complexity, many organizations still struggle to assess and manage their exposure effectively. As of 2025, indirect access remains not only relevant but central to SAP license compliance, cost control, and digital governance.
What Is Indirect Access?
Indirect access refers to any usage of SAP systems by individuals or systems that do not log in through SAP’s native interface but still trigger SAP transactions. This includes external systems such as Salesforce pushing sales orders, e-commerce websites generating invoices, or bots creating inventory updates. Essentially, any data manipulation or business document creation in SAP initiated through non-SAP interfaces qualifies as indirect access.
SAP traditionally required a Named User license for each user accessing the system, directly or indirectly. However, this model became untenable as digital integrations expanded. In response, SAP introduced a Digital Access licensing model in 2018, which charges based on the number of business documents generated by indirect access rather than user counts. This shift marked a fundamental change in SAP’s approach to licensing.
A critical element of this shift is SAP’s focus on nine core document types, such as sales orders, financial documents, purchase orders, and inventory movements. These document types form the basis of measurement in the Digital Access model. SAP also introduced tools like SAP Passport and Digital Access Evaluation Service (DAES) to help enterprises identify document volumes created via third-party integrations. However, these tools have varying degrees of accuracy and often require expert configuration and interpretation.
Indirect Access Then and Now: What’s Changed?
Before 2018, SAP’s enforcement of indirect access relied heavily on Named User licenses. Enterprises often underestimated their exposure, leading to compliance failures during audits. Diageo’s 2017 legal battle highlighted this risk when the company was penalized for Salesforce users indirectly accessing SAP. At that time, SAP’s contractual terms were broad and often ambiguous, allowing auditors to interpret any touchpoint as licensable.
With the 2018 rollout of the Digital Access model, SAP began offering a more predictable, document-based licensing framework. It includes nine core document types and provides a clearer structure for compliance. SAP’s Digital Access Adoption Program (DAAP) further incentivized this transition by offering significant discounts and trade-in credits for legacy licenses. This shift was welcomed by many enterprises looking to modernize their licensing approach without incurring prohibitive costs.
By 2025, Digital Access has become the standard in new SAP contracts, particularly those involving S/4HANA and RISE with SAP. However, interpreting what constitutes a document and how to count them remains complex. Organizations must still navigate nuanced scenarios like batch updates, cancellations, API-triggered workflows, and system-generated documents that may or may not fall under chargeable metrics. These complexities mean that many enterprises still prefer a hybrid approach that combines user-based licensing with document-based models, depending on the nature of their integrations.
Relevance for Licensing and Procurement Professionals
Indirect access continues to be a critical issue for licensing and procurement professionals for several reasons. Firstly, SAP audits have become more sophisticated, using tools like SAP Passport and LAW to measure document volumes generated by external systems. These audits increasingly target indirect access metrics, leading to heightened scrutiny and potential compliance issues. Organizations must be able to defend their integration architecture and document volumes with evidence-based reporting.
Secondly, cost optimization is more achievable but also more nuanced under the Digital Access model. Enterprises must evaluate whether document-based or user-based licensing yields lower TCO. In many cases, a hybrid approach is optimal, where high-volume automated processes are licensed through Digital Access while internal users retain Named User licenses. This approach requires precise forecasting of document volumes and scenario-based modelling.
Thirdly, contract negotiation has never been more vital. Procurement teams must ensure that SAP agreements clearly define document types, exclude read-only transactions, and incorporate volume buffers to accommodate business growth. Without these provisions, companies risk overpayment or post-audit penalties. Effective contracts also define licensing triggers, measurement methodologies, and review intervals, providing greater predictability and audit defence.
Lastly, governance structures must evolve. Licensing impacts should be assessed during IT project planning, and integration registers should track all SAP-touching systems. License usage should be monitored quarterly, with cross-functional teams overseeing compliance and optimization. This level of governance helps prevent licensing surprises when new systems or automation tools are deployed and ensures that licensing remains aligned with business objectives.
Organizations should also be investing in license intelligence platforms and services that offer real-time monitoring, predictive analytics, and optimization recommendations. These solutions not only support compliance but also enhance procurement strategies by identifying unused licenses, overlapping entitlements, and opportunities for consolidation.
Practical Takeaways
To effectively manage indirect access risk and cost:
- Build and maintain a detailed integration register that catalogues all systems interfacing with SAP, the type of transactions they initiate, and associated document volumes.
- Use SAP tools and third-party license analytics solutions to measure actual document creation and compare against license entitlements.
- Perform cost modelling to evaluate the financial impact of Named User versus Digital Access licensing, including growth forecasts and buffer planning.
- Negotiate clear contract terms, specifying document types, excluding passive usage, and establishing flexible volume thresholds.
- Implement quarterly license reviews, integrated change control processes, and stakeholder training to maintain ongoing compliance.
For more mature licensing operations, consider implementing license consumption dashboards that allow for drill-down views into document generation trends by source system, department, or process type. Such visibility supports proactive license management and helps justify decisions during contract negotiations or renewals.
Conclusion
Indirect access is not an outdated compliance artifact but a dynamic and evolving licensing challenge. As SAP continues to innovate and enterprises digitize operations, the scope of what constitutes indirect access will only expand. Licensing and procurement professionals must stay vigilant, leveraging SAP’s Digital Access model where appropriate, while maintaining robust governance and contractual clarity. The goal is not merely to avoid penalties but to enable scalable, cost-effective innovation within SAP environments.
Moreover, indirect access licensing is not only about compliance. It is a strategic lever in digital transformation, helping organizations budget accurately, plan for growth, and align IT architecture with business strategy. By embedding licensing considerations into architectural decisions, project roadmaps, and vendor negotiations, enterprises can turn what was once a liability into a competitive advantage.
Ultimately, the relevance of indirect access in today’s SAP landscape lies in its dual nature: it is both a compliance risk and a strategic opportunity. Mastering its complexities requires cross-functional collaboration, advanced tooling, and continuous education—but the rewards are worth it: reduced risk, controlled costs, and accelerated innovation.
