SAP Indirect Access Licensing in RISE with SAP (2024

Table of Contents

SAP Indirect Access Licensing in RISE with SAP

How Indirect Access Works in RISE (2024–2025):

SAP’s indirect access (“digital access”) is when users or systems access SAP data through third-party applications or interfaces rather than directly via the SAP GUI.

Historically, this has been a licensing minefield – companies faced hefty fees if such indirect usage wasn’t properly licensed. However, the rules have evolved with RISE and SAP (SAP’s cloud subscription offering for S/4HANA).

In 2024–2025, RISE with SAP fundamentally simplifies indirect access licensing compared to traditional on-premise models.

Most RISE contracts bundle digital access rights into the subscription, meaning typical third-party integrations (e.g., e-commerce platforms creating orders in SAP, or CRM systems reading SAP data) are covered under your subscription user entitlements.

This greatly reduces the risk of surprise “indirect use” charges. CIOs and IT leaders can integrate SAP with other systems more freely under RISE if the overall usage falls within the subscribed capacity (measured in Full User Equivalents, or FUEs).

“Simplified” doesn’t mean “unlimited” or risk-free. RISE’s indirect access model still requires vigilance. SAP includes generous allowances for digital access in RISE.

Still, extremely high-volume scenarios (for example, millions of document transactions from IoT sensors or a public website) may require additional licensing or a higher subscription tier.

Customers must ensure their RISE contracts explicitly cover all expected indirect usage. The key changes in 2024–2025 are that SAP strongly pushes cloud subscriptions (making on-premise less attractive via support fee hikes and cloud-only innovations) and has softened its stance on charging for integrations.

SAP now positions RISE as an all-in-one solution, indirectly encouraging customers to connect SAP with a wide ecosystem without fear of audits for every interface.

In summary, RISE with SAP has turned indirect access from a major compliance worry into a manageable aspect of your subscription.

Your focus should shift from counting every third-party user to optimizing your FUE count and contract terms, ensuring any atypical usage is negotiated upfront.

CIOs should view RISE’s indirect access approach as a positive development that can enable digital transformation.

However, they must still adhere to best practices to avoid hidden costs: negotiate clear contract language, monitor usage, and engage independent licensing expertise when necessary.

This playbook will guide you through the challenges, comparisons, and action steps for mastering indirect access in a RISE with SAP environment.

Indirect Access Challenges Under RISE with SAP

Moving to RISE with SAP alleviates many traditional indirect licensing headaches but introduces new management and oversight challenges.

Organizations should be aware of the following issues when dealing with indirect (digital) access in a RISE context:

Understanding the New Model: RISE shifts licensing to a subscription/FUE model. Many enterprises struggle initially to map their existing users and interfaces to the FUE categories (e.g., Professional, Functional, and Self-Service users). The challenge is to ensure that all human and non-human access is accounted for. For example, if you have a portal or a robotic process that interacts with SAP, you must classify and include that in your FUE calculations. Misjudging this can lead to under-subscription (compliance risk) or over-subscription (unnecessary cost).
Perception of “All-Inclusive” vs Reality: SAP’s sales pitch for RISE often highlights that everything (including indirect usage) is “covered” in one bill. In practice, not every scenario is automatically covered. Standard integrations and documents are generally included; however, exceptionally high volumes or out-of-the-ordinary use cases may not be. Organizations may face capacity limits or performance considerations. For example, if an IoT network is generating massive data into S/4HANA, SAP may expect the customer to purchase additional document licenses or a larger RISE package. The challenge is knowing where that line is. Customers in 2024–2025 must have frank discussions with SAP (and independent experts) about their usage patterns to ensure the contract adequately covers their needs.
Lack of Visibility and Measurement Tools: In on-premise environments, companies often used SAP’s License Administration Workbench or third-party tools to measure indirect use (e.g., counting documents created via external systems). In RISE (cloud), SAP manages the infrastructure and provides fewer built-in license audit tools that are directly accessible to customers. This can make it challenging for customers to monitor their indirect usage in real time. You may have to rely on SAP’s reporting or request metrics from SAP periodically. The lack of direct visibility is a challenge for proactive compliance management – you don’t want to learn at renewal time that your usage exceeded the included amount.
Contract Ambiguity and Standard Terms: RISE with SAP agreements are based on SAP’s standard cloud contracts, which may use broad language. Unless explicitly negotiated, they may not mention “indirect access” or “digital access” in the order form. If the contract is silent or vague, it’s a red flag – SAP could later assert that certain indirect uses were out of scope. Organizations face the challenge of navigating SAP’s contracts to insert the right protections. This often requires legal and sourcing teams to negotiate terminology that they may not be used to in a cloud deal (since indirect use was a bigger issue in older on-prem contracts). The challenge is that SAP’s cloud contracts can be less flexible on terms, so it takes persistence to include custom language.
High-Stakes Compliance, Less Frequent Audits: Under RISE, SAP’s approach to compliance undergoes a shift. Since the model is subscription-based, SAP has less of a need to perform traditional audits to “catch” indirect use, but this doesn’t mean they won’t enforce compliance. Instead of surprise audits yielding huge back-charges (as with the on-premise model), the risk is that SAP will assess usage at renewal or periodic checkpoints and require you to true up your subscription. If you significantly exceed your contracted FUE or document counts, you may be compelled to raise your subscription level (often at a higher cost, especially if you’re mid-term or locked-in). The challenge for customers is avoiding mid-term surprises – you must actively manage usage to negotiate any required expansion on your terms, not under duress.
Integration Proliferation: In 2024–2025, businesses are more connected than ever – e-commerce platforms, mobile apps, IoT devices, and AI analytics tools, among others, all tap into core ERP data. While RISE encourages this by removing many licensing barriers, each new integration is a potential licensing consideration. Organizations require governance to assess how each third-party system will utilize SAP data. For instance, a new cloud CRM integrated with S/4HANA may significantly increase document creation. The challenge is to bake licensing impact analysis into every new integration project under RISE. This is a cultural and process shift: IT and architecture teams must collaborate with sourcing/licensing experts whenever they introduce high-volume interfaces, to ensure they remain within contractual allowances or adjust the contract as needed.
FUE Complexity and Role Mapping: The Full Usage Equivalent model aggregates various roles and usage types into a unified metric. Each user is assigned an FUE value based on their highest level of access. One challenge is optimizing this: if users are given more access than they need, you might over-count FUEs (and overpay). Conversely, you risk non-compliance or hampering business needs if you try to undersize user roles to save cost. Managing user roles and authorizations becomes a licensing exercise – something many organizations find challenging. In 2024, companies reported confusion and needed clarity on classifying users (e.g., whether a read-only third-party system account counts as a “Productivity” user or not). Ensuring alignment between your technical role design and the licensing classification is an ongoing task under RISE.

RISE with SAP essentially shifts the indirect access conversation from a legal/audit battle to a planning and management exercise.

The challenges lie in correctly sizing and structuring your contract, monitoring usage trends, and maintaining clarity in your contract terms.

The following sections will compare RISE to traditional licensing and then provide actionable steps to tackle these challenges.

Traditional vs. RISE: Indirect Access in On-Premise vs. Cloud Models

Understanding how indirect access licensing differs between traditional on-premise SAP and the RISE with SAP subscription model is important.

Below is a comparison of the two models across key aspects:

Aspect	Traditional On-Premise SAP (Perpetual Licensing)	RISE with SAP (Cloud Subscription)
Licensing Model	• Perpetual license ownership (buy once, use indefinitely) with ~20% annual support fee. • You manage infrastructure and upgrades; software is an asset on your books. • Can continue using existing system if you stop maintenance (but without support/updates).	• Subscription term licensing (no perpetual rights; access ends if not renewed). • Software, standard support, and infrastructure are bundled in a recurring fee (OpEx model). • SAP handles infrastructure and updates (especially in public cloud), aligning you with cloud delivery cadence.
Indirect Access	• Not included by default. Third-party systems or non-SAP users require additional licenses (either Named User licenses for those users or Digital Access document licenses for document transactions). • High compliance risk: Indirect use often went unmanaged until an audit uncovered unlicensed activity (e.g. the high-profile Diageo case where a customer paid hefty fees for Salesforce-to-SAP integrations). • SAP introduced Digital Access (document-based licensing) as an optional model to address this, but customers had to opt in and count qualifying documents.	• Included (with allowances). RISE contracts bundle digital access rights into the subscription. Typical indirect usage (standard document types via APIs or external apps) is covered by your FUE user count and document allotment – you usually do not need separate licenses for third-party interfaces under RISE. • Greatly reduced compliance risk: integration scenarios that formerly triggered extra fees are now considered normal use, as long as they fall within the agreed user/document metrics. • Caveat: Extremely high-volume interfaces (e.g. IoT devices creating millions of records) or unusual scenarios might require special attention. SAP often provides a generous document count, but if you expect volumes beyond that, it must be discussed and stipulated in the contract (either via additional document packs or an agreed capacity).
Pricing Transparency	• Granular pricing: You buy software licenses, pay annual maintenance, and procure hardware/hosting separately. Each cost element is visible (license list prices, discount rate, support fee, etc.). • Complex to manage: dozens of user types and engine metrics, but you gain clarity on each component’s cost. You can negotiate discounts on licenses (common to see 50%+ off list for large deals) and reduce cost by dropping maintenance on unused components or using third-party support. • Easier to attribute costs: e.g., you know how much you paid for Financial module vs. HR module, since each had a price.	• Bundled pricing: One all-in subscription fee covers software, infrastructure (cloud hosting), and standard support services. This simplifies budgeting (one vendor, one invoice) but masks the cost breakdown. • Limited transparency: SAP doesn’t typically disclose how much of the fee is for licenses vs. infrastructure. It’s a “black box” – you must evaluate the bundle’s TCO rather than line-item costs. Comparing to on-prem can be challenging without SAP revealing the internals. • Discounting is different: Instead of very high upfront discounts, SAP might offer moderate subscription discounts (e.g. 15–30%) or incentives like migration credits and free add-ons. The value often comes in bundled extras (e.g. SAP may bundle certain cloud services or consumption credits). CIOs must analyze the 5-year TCO of RISE vs on-prem, factoring in that on-prem costs may rise (SAP increased support fees ~5% in 2023 and 2024) and that some cloud-only innovations may save other costs.
Contractual Safeguards	• Customer-driven protections: The onus is on the customer to negotiate protections in the license agreement. SAP’s legacy contracts often lacked explicit clauses on indirect use, leading to ambiguity. Savvy customers would add definitions or riders clarifying third-party access rights, or secure pricing protections (e.g. a cap on price increases for named users). • Audit and compliance: SAP retains audit rights and frequently exercised them on on-prem customers. Your contract may detail audit notice periods or procedures, but generally audits could occur and result in back-charges if indirect usage was unlicensed. Few safeguards existed unless negotiated (some customers managed to get specific known interfaces pre-authorized in the contract or got an indemnity for certain integrations).	• RISE standard terms (with room for negotiation): RISE contracts are comprehensive but mostly standardized. Many indirect use rights are implicitly included via the subscription metrics, but customers should make them explicit. It’s critical to confirm in writing that the subscription includes digital access for all intended interfaces. This can be done by listing the integrated third-party systems and stating that their use of SAP is covered under the subscription fee. • Fewer surprise audits: SAP’s ability to audit remains (they can monitor cloud usage), but the dynamic is different. Compliance checks might happen via continuous monitoring or at renewal rather than random audits. Still, ensure the contract outlines how usage is measured (e.g. which documents count toward digital access, how FUE is calculated) to avoid disputes. • Key safeguards to negotiate in RISE include: clear indirect usage clauses, caps on annual price escalations or renewal rates, clarity on how to handle expansions (e.g. pricing for additional FUEs if needed mid-term), and exit provisions (so you can extract your data and have transition time if you leave RISE). While SAP may not readily volunteer changes to their cloud agreement, customers in 2024 have had success adding riders or clarifications – for example, explicitly stating that API calls from XYZ system are permitted without additional license fees. Engaging an independent expert can help identify and negotiate these points.

In summary, the RISE model substantially relieves indirect access: It bakes most of those licensing needs into a single subscription, whereas the traditional model left them as a separate (and often painful) topic. If the contract is properly set up, indirect access exposure is dramatically lower with RISE.

However, RISE is not a cure-all. Pricing is less transparent,

and long-term commitments are heavier, so due diligence is needed to ensure you’re truly getting cost benefits.

Contractually, a RISE deal demands as much scrutiny as an on-prem deal, just with a different focus (cloud SLAs and subscription terms instead of perpetual license clauses). The next section provides a playbook for navigating these considerations and maximizing value while minimizing risk in a RISE environment.

Playbook: Managing Indirect Access Licensing in a RISE Environment

Adopting RISE with SAP requires a strategic approach to avoid risks and optimize your licensing.

Below is an action plan and best practices for CIOs, IT leaders, and sourcing professionals to get the most out of RISE while keeping indirect access firmly under control:

1. Negotiation Tactics for RISE Contracts

Address Indirect Use Upfront: When negotiating your RISE contract, explicitly discuss and document indirect access. Do not assume it’s automatically unlimited. List all third-party systems, interfaces, and use cases that will connect to your SAP environment (customer portals, supplier platforms, mobile apps, IoT feeds, etc.). Ensure the contract (or the scope document) states that these uses are permitted under the subscription with no additional license fees. For example, if you know a third-party e-commerce site will create sales orders in SAP, have it written that your RISE subscription covers this scenario. Clarity now prevents disputes later.
Include Digital Access Terms in the Contract: Best practice is to insert specific language such as: “The subscription fee includes rights for SAP Digital Access (document-based indirect use) sufficient for the Customer’s expected use cases, including but not limited to [list key integrations]. No separate license fees shall apply for these indirect usages.” If SAP’s standard order form has a section on digital access, ensure it either has “included” checked off, or several documents that is comfortably above your needs. Negotiate an addendum or special clause if the standard contract doesn’t mention it. Red flag: a contract that is silent on indirect/digital access or that references the need for separate digital access licenses without quantifying them could expose you.
Negotiate Generous Allowances (or Unlimited Usage) for Third-Party Interfaces: SAP is often willing to include a certain volume of document transactions in the RISE deal, especially if you bring it up early. Use that to your advantage. If you expect to receive 1 million sales orders per year via indirect channels, request that this volume be included in the subscription. If SAP is uneasy about calling it “unlimited,” then pin down a high number with the right to purchase additional blocks at a pre-agreed rate. The goal is to avoid open-ended exposure. You want any potential overage to be predictable and pre-priced, not a surprise invoice.
Watch for Ambiguous Wording: Ensure that terms like “Named Users” or “Direct Usage Only” from old contracts do NOT sneak into your RISE agreement. All usage should be tied to FUEs and documented transactions, with no distinction that could exclude indirect usage. Also, clarify any references to SAP’s general policies – if the contract says “indirect use as per SAP policy,” obtain that policy document and consider attaching it to the contract to freeze the definition. You don’t want SAP to unilaterally change definitions midstream.
Leverage Independent Licensing Experts: Engage a third-party SAP licensing advisor (such as Redress Compliance or other independent experts) before you sign the RISE contract. These experts are familiar with the common pitfalls and the concessions SAP has made to other customers. They can provide benchmark data (e.g., the amount of digital access included for a company of your size) and help craft contract language. Since they are independent, they’ll focus on your interests (unlike SAP’s team). Gartner and other analyst firms have noted that many companies moving to RISE in 2024 sought external help due to the complex, unfamiliar licensing terms – doing so can save you from costly mistakes. Bring these experts into your negotiation team to strengthen your position on complex topics, such as indirect access, FUE counts, and renewals.
Negotiate Renewal and Flexibility Safeguards: A big part of optimization is not just year 1 pricing, but what happens later. Insist on a cap for subscription price increases at renewal (for example, no more than +5% per year, or even a flat renewal at the same price for a certain extension term). This directly impacts indirect access as well – if your usage grows (with more interfaces and documents) and you need more capacity later, you don’t want SAP to take advantage of a lock-in. Also, ask for mid-term flexibility: if you add a new integration that significantly increases indirect usage, can you true-up at a predetermined rate card? Having that spelled out avoids the situation of an open negotiation while your project is on hold. Customers sometimes negotiated the right to add FUEs or document packs at a fixed price during the term.
Don’t Skip Legal Review of Cloud T&Cs: SAP’s cloud service terms (like the RISE Appendix or service description) contain details on usage and compliance. Have your legal team (or an external lawyer familiar with SAP) review these documents for any language related to indirect use, audit, or compliance. Review the audit clause in the cloud contract – even if audits are less frequent, SAP likely has a clause that allows them to verify compliance. You might not be able to remove that, but you can negotiate the process: e.g., “SAP will notify the customer in writing 30 days before any compliance audit and discuss findings in good faith.” Some customers also request the right to remedy any compliance issues within a specified period before SAP can escalate the matter. These are nuanced points, but they reinforce that you are a careful customer and put some checks on SAP’s power.

2. Optimizing License Usage and Avoiding Pitfalls Post-Contract

Right-Size Your FUE Allocation: Continuously align your user licenses with actual usage during and after implementation. FUE (Full User Equivalent) counts are based on user roles and authorizations. Work with your SAP security team to ensure users are assigned the correct license type. For example, don’t give a casual inquiry user a “Professional” role if they only need a self-service interface – that would count unnecessarily high in FUEs. Regularly review user roles to prevent “license creep,” where people accumulate permissions that bump them into higher FUE categories. Implement an internal policy that a license manager reviews any role change that could increase FUE classification. By optimizing roles, you control indirect access costs too (since FUE covers that user’s direct and indirect usage).
Monitor Digital Document Consumption: Even if your RISE contract includes digital access, you should track how many digital documents (as defined by SAP’s nine document types for digital access, e.g., Sales Order created, Invoice created, etc.) you generate indirectly. SAP provides tools like the Digital Access Estimation Tool (for ECC/On-Prem). In S/4HANA Cloud, you might need to request a usage report from SAP or use the telemetry data via SAP Cloud ALM or other monitoring tools. Develop a habit of checking, say quarterly, the volume of documents created by external systems. Suppose you notice a rapid growth trend (perhaps your new customer portal is experiencing a surge in orders). In that case, you can proactively contact SAP or adjust processes before it becomes a compliance issue. This monitoring is also valuable evidence if SAP questions your usage – you’ll have your numbers to compare.
Implement Governance for New Integrations: Establish an integration review board or an architectural governance process to evaluate any new system interface to SAP for licensing impact. It doesn’t need to slow down innovation – it’s about awareness. For example, if marketing wants to connect a new e-commerce marketplace to SAP, a quick licensing assessment is needed: Will it create documents in SAP? How many? Is that within our current allowance? If not, what’s the plan – throttle it, buy more, or negotiate? By institutionalizing this check, you prevent unpleasant surprises. This practice also forces business and IT teams to quantify the expected usage of new initiatives, which is a good governance practice.
Utilize Audit Tools & Self-Audits: Even if SAP isn’t knocking on the door for an audit, perform periodic self-audits. Use any tools available: SAP’s license measurement programs (LAW/LMBI for on-prem, or user reports in the cloud) and third-party SAM tools certified for SAP. Some third-party tools can now interface with S/4HANA Cloud or read usage data that SAP exposes. A self-audit should verify: user counts versus FUE purchased, document counts versus any limits, and engine usage versus entitlements (for any additional services, such as BTP). Conduct this annually and keep the report. This proactive stance can catch instances where, for example, a team enables a new SAP module or integration that wasn’t in the original scope (e.g., suddenly using SAP for contract management or generating documents). It’s far better for you to find it and address it (license more or adjust usage) than for SAP to find it in a formal audit.
Cost Control via Scaling and Archiving: Indirect usage can sometimes be reduced by smart design. For example, not all data from third-party systems needs to be created as a document in SAP. Could you batch certain updates or summarize data before sending to SAP? If IoT sensors send data to SAP in real-time, route it through a middleware that aggregates the records. Also consider data archiving and cleanup – an explosion of documents could be caused by redundant data being pushed in. By optimizing integration patterns (with the help of your enterprise architects), you might keep your document counts well within allowance and control the load on the system (which also controls infrastructure cost). Essentially, efficient integration = lower licensing footprint.
Keep an Eye on SAP’s Licensing Announcements: SAP occasionally updates its licensing policies or metrics. For instance, SAP may adjust what constitutes a document or introduce a new user metric type. In 2024, SAP extended its Digital Access Adoption Program indefinitely, signaling that it continues to refine how customers can migrate to document-based licensing. Also, the push toward cloud has come with tweaks in contract terms (e.g., new bundles, renamed SKUs, etc.). Ensure someone on your team (or an external advisor) stays current with SAP’s updates and the community discussions in the SAP user group. If SAP, for example, offers a new unlimited digital access option for cloud subscribers, you’d want to know about it and possibly take advantage of it. Conversely, you’d want to prepare if they plan to tighten any policy.
Audit Prevention by Design: One way to avoid indirect use audits is to be transparent with SAP from the start (to a reasonable extent). During annual meetings or QBRs (Quarterly Business Reviews) with SAP, consider sharing your integration plans and usage forecasts (especially if you have them documented from the integration governance process). If SAP knows you’re adding a new interface that will double document volume, you can negotiate any license implications ahead of time rather than react to an audit finding. This doesn’t mean inviting audits – you treat SAP as a stakeholder in your growth. Often, SAP will work with you on a solution (they’d rather sell you an appropriate package now than fight later). Just be sure that any verbal understanding is formalized in writing (through a contract amendment or at least an email confirmation from SAP).
Independent Compliance Health-Checks: Just as you’d get an external security audit, consider an external licensing health-check every 1-2 years. Independent SAP licensing consultants can review your usage versus entitlements, simulate an audit, and identify any potential indirect access issues. They can also advise if you’re over-licensed (perhaps you bought an FUE count that is too high). This lets you course-correct or negotiate adjustments. For example, suppose a health check in 2025 shows you’re only using 70% of your purchased FUEs (perhaps due to overestimation or user turnover). In that case, you might negotiate to reallocate some of that to other SAP products or reduce costs at renewal. Conversely, if it shows you’re at 110% of your digital document allotment, you can address that before SAP does. Using an independent firm ensures you get an unbiased view – they might find issues that SAP’s team wouldn’t volunteer.
Strategic Sourcing and Long-Term Planning: Treat RISE not just as a technical migration but as a long-term sourcing decision. Plan out your SAP roadmap 5–10 years from now: Will you significantly add more users or integrations (e.g., if your business is growing or acquisitions are likely)? If so, negotiate a growth framework in your contract. Consider locking in pricing for additional users or offering a discount tier if you exceed a certain FUE threshold. If there’s a chance you might divest or reduce usage, try to avoid rigid volume commitments that you can’t easily adjust (although SAP tends to lock in minimums, you can sometimes build in some flexibility for reducing users in later years, especially if you have a known event). Keep an alternative in your back pocket: stay on-prem (with third-party support) or use a different provider for some functions. A credible Plan B gives you negotiation leverage even if you’re committed to SAP. SAP knows that by 2027, customers will need to transition off ECC, but you can use this timing to your advantage. The best deals in 2024–2025 often occurred when customers demonstrated they were equally prepared to consider alternative paths (such as a lift-and-shift to a hyperscaler with existing licenses) if the RISE deal wasn’t favorable. Strategic sourcing means not appearing captive to RISE, even if it’s your preferred choice.

3. Red Flags to Watch For

Throughout the negotiation and management of RISE, keep an eye out for these warning signs that could spell trouble later:

Contract Lacks Specifics: If your RISE order form doesn’t list the number of FUEs, the included digital access documents (or a statement that digital access is included), or which environments/services are provided, pause and get it added. Vague contracts benefit the vendor. For example, a clause that says “Indirect use may require additional licensing as per SAP policies” is a huge red flag – it foreshadows an argument later. All important details should be either included in the contract or referenced by a specific SAP document.
Excessive Reliance on Verbal Assurances: Sales reps might tell you, “Don’t worry, indirect access is not a problem under RISE,” or “We’ll take care of you on that if it ever comes up.” No matter how friendly the relationship, get it in writing. If it’s not in the contract, it’s not guaranteed. A common mistake is to trust that because RISE is a subscription, “SAP won’t nickel and dime us.” It is generally true that SAP’s interests align with your success in the cloud, but don’t leave it to chance. Insist that all promises are reflected in the contract or an official SAP email/letter.
Missing Exit Strategy: This might not seem related to indirect access, but it is. If your contract doesn’t specify what happens if you leave RISE (e.g., providing a read-only period or allowing you to convert to on-prem licenses), you could be stuck in a costly extension because you can’t afford downtime. Indirectly, this affects leverage: SAP knows if you have no exit, you’ll pay whatever they ask at renewal. Therefore, ensure that there are terms regarding the extraction of your data and any assistance SAP provides if you transition off. A clear exit plan keeps renewal negotiations honest and indirectly protects you from any “surprise” fees (since SAP can’t force you to stay due to data hostage scenarios).
Over-Commitment of FUEs: Be wary of significantly oversizing your initial FUE count “just to be safe.” While you want to cover your needs, remember that FUEs are what you pay for. If SAP encouraged you to count every possible user and a hefty buffer, you might buy shelfware in the cloud. That wastes the budget and could signal SAP that indirect usage is less of a concern (since they see you have headroom). It’s better to purchase what you realistically need and have terms to add more if needed. Over-licensing is a hidden cost – you might not realize you’ve locked in a higher spend than necessary until it’s too late. Scrutinize SAP’s user count logic against your data; don’t automatically accept their number if it seems padded.
Ignoring the “Grey Areas”: Some scenarios fall between clear definitions. For example, if you use a non-SAP reporting tool that queries SAP’s database indirectly, is that a licensed access (since it uses a service account)? Or if an AI/ML system reads SAP data to make predictions. SAP’s contracts might not explicitly mention these modern cases. Treat any such grey area as a risk and get clarification. Sometimes, simply asking the question and receiving an email response from SAP helps; ideally, push for the contract to state something like “Read-only indirect access for reporting or analytics purposes is permitted.” Don’t ignore these use cases because they aren’t front and center – anyone could be an audit sticking point if left unaddressed.

By following this playbook of proactive negotiation, diligent monitoring, and strategic management, customers can enjoy the benefits of RISE with SAP (flexibility, innovation, cloud delivery) without falling victim to indirect access surprises that plagued the on-premise era.

Next, we’ll look at a few real-world scenarios that illustrate these points in action.

Real-Life Examples and Scenarios

Examining scenarios from other organizations can shed light on the importance of managing indirect access wisely under RISE:

Scenario 1: The Costly Surprise – Background: A large manufacturing company signed a RISE with SAP contract in 2024, drawn by the promise of an all-in-one cloud solution. They migrated their core ERP and connected their e-commerce website to S/4HANA (on RISE) to automate online orders. Issue: The initial contract didn’t explicitly mention digital access. The customer assumed all indirect usage was unlimited. A year later, SAP’s usage review revealed that the volume of sales documents created via the website exceeded what SAP considered “fair use” for the subscribed level. SAP informed them that they needed to purchase an additional digital document pack to legitimize the usage, incurring unplanned fees in the mid-six figures. The CIO was caught off guard – the whole point of RISE was to avoid this scenario. Lesson: This company’s experience highlights the importance of clearly defining indirect usage terms. If they had negotiated upfront to include unlimited sales order documents from their e-commerce site, they could have avoided a budget hit. It also shows that SAP hasn’t abandoned charging for high indirect usage; they will enforce it if it exceeds the contract assumptions. The company brought in an independent licensing consultant after the incident, who helped renegotiate the contract to include a higher document cap and secured a concession from SAP to credit part of the unexpected fee towards an expanded subscription. In the future, they instituted quarterly internal audits of document counts to ensure no further surprises.
Scenario 2: Successful Preventive Negotiation – Background: A global retail firm preparing for a RISE migration in 2025 knew indirect access was a potential pitfall from experience (they had been audited by SAP years before for a third-party warehouse system interfacing with ECC). Determined not to repeat history, their sourcing team, advised by an SAP licensing expert, went into the RISE deal negotiations with a clear list of requirements. Actions: They identified all third-party systems (point-of-sale systems, supplier portals, mobile apps for store managers) that would integrate with SAP. They negotiated language in the contract that each named interface was included in the subscription. They also took advantage of SAP’s incentives – since SAP was eager to sign a RISE deal, the customer negotiated, at no extra cost, an additional allowance of 100,000 business documents/year to cover indirect transactions. Furthermore, they secured a clause that if their indirect document count grew above that, they could purchase additional blocks at a preset unit price (removing uncertainty). Outcome: Over the first year on RISE, the retail firm experienced a surge in portal usage during a new product launch; however, all those transactions were covered. The customer was well within their contracted limits when SAP came for the annual review. No compliance issues, no extra fees. Lesson: This scenario demonstrates that investing time in negotiation and contract clarity yields significant benefits. By foreseeing their integration needs, the company leveraged RISE’s flexibility to create a truly “
worry-free” experience for indirect access. The CIO reported to the board that their digital transformation (connecting SAP with modern apps) was accomplished with “no hidden costs,” bolstering IT’s credibility.
Scenario 3: Managing an Unplanned Integration – Background: A mid-sized enterprise on RISE (private cloud edition) had a solid contract covering their known interfaces. Midway through their term, they implemented a new AI-driven analytics platform to pull data from S/4HANA and other sources for machine learning insights. This wasn’t in the original plan. Issue: The analytics platform would query SAP data indirectly (using OData APIs) and might create some prediction records back in SAP. Initially, the project team assumed this was fine since they had sufficient professional user FUEs. However, an architect flagged that this machine-to-machine interaction could be considered indirect use if creating new records in SAP. Action: The company proactively contacted its SAP account team and explained the new use case, requesting confirmation on whether it was covered. SAP appreciated the transparency and confirmed that as long as the user account used for the API was already a licensed user, they complied with reading data. SAP suggested that those would count as a document type (maybe a custom object) for writing back predictions. Seeing an upsell opportunity, SAP offered an add-on IoT/analytics package. With advice from their independent advisor, the customer negotiated instead to use some of their existing unused document allowance (they had negotiated a buffer in their RISE contract) to cover this new data type. SAP agreed without increasing fees, given the relatively low volume. Outcome: The AI integration went live, and the customer and SAP clearly understood that it fell within the allowed usage. Lesson: New technology can introduce grey areas even with a good contract. The customer avoided any later contention by addressing it openly and leveraging unused capacity in their contract. It also highlights that RISE’s flexibility (like having a buffer of extra capacity) can accommodate innovation if managed wisely.
Scenario 4: The Importance of Independent Audit Defense – Background: An energy sector company had moved to RISE in 2023. By 2025, they felt confident that indirect access was no longer an issue, as everything seemed to be running smoothly. They integrated numerous systems, including field service apps and customer self-service portals. They did not conduct internal license audits in the cloud, trusting SAP’s “inclusive” model. Issue: 2025, as SAP’s sales team discussed renewal, they performed a licensing assessment. They pointed out that the customer’s FUE count was now 30% over the contracted number (due to growth and more non-human service accounts consuming SAP data).Additionally, one of the SAP Solution Extensions they had installed (a third-party add-on sold by SAP) had its user metrics, which weren’t fully covered. The customer was caught off guard and faced a significant cost increase if they formally adjusted their contract. Action: The customer engaged an independent licensing firm to perform a rapid compliance audit and counter-analysis. That team discovered that some of SAP’s counts were based on default assumptions (e.) . Treating all interface accounts as full Professional users when some could be reclassified as lower-tier. They worked with the customer to optimize configurations and retire some dormant users, significantly reducing the FUE overage. They also found that the Solution Extension usage was within a free tier that SAP had overlooked. Armed with this data, the customer returned to SAP and demonstrated that their effective usage was within tolerance. They negotiated a modest increase in FUE (with corresponding subscription fee adjustment) to cover future growth, rather than the punitive 30% hike SAP initially proposed. Lesson: This example underscores that staying proactive and enlisting expert help can prevent vendor overcharges even in a cloud model. SAP isn’t infallible in measuring usage – customers need to validate and, if needed, push back. The company saved millions over the next term by treating an impending compliance issue like a negotiable situation rather than an automatic bill
and maintained a good relationship with SAP.

Each scenario reinforces core principles: be proactive, negotiate clearly, monitor continuously, and don’t hesitate to get independent help.

Indirect access in the RISE era is far more manageable than before, but it rewards those who stay engaged. Companies that treat SAP licensing as a living aspect of their IT strategy (rather than a one-and-done purchase) tend to avoid the pitfalls and reap the benefits of innovation on SAP’s platform.

Author

Fredrik Filipsson

Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, improving organizational efficiency.
View all posts

SAP Indirect Access Licensing in RISE with SAP (2024–2025): CIO Playbook