POV 3: Using Integration Suite as Your Governed MCP Server Platform (Part 3/4)

POV 3: Using Integration Suite as Your Governed MCP Server Platform (Part 3/4)
Estimated read time 7 min read

This Blog is Part 3 of a Blog series (4 Parts!). Click on the following to navigate back to the main menu of POV on How to Approach Custom Agents in the Enterprise – Blog Series.

 POV 3: Using Integration Suite as Your Governed MCP Server Platform *Coming Q2/2026

If you didn’t have a chance to tune in to SAP Tech Ed’s IN200v | Empower your agents to be responsible (2025) then it is notable that in Q2/2026 SAP Integration Suite’s API Management will allow you to apply additional security policies to APIs in your MCP servers and publish your secure APIs with MCP documentation for Agent consumption via the API and MCP Gateway.

Why is this important?

MCP allows agents to access external information for systems, APIs, documents all while reducing agent complexity. In summary, agents with a MCP client will rely on the MCP server to provide structured metadata to the APIs/Protocols. However, these APIs within the MCP server will likely not meet all security requirements and pose some security risk.

With SAP Integration Suite’s API and MCP gateway, you will be able to apply additional API Policies around multi-protocol connectivity, routing, transformations (eg. JSON to XML), mapping, traffic management, and security requirements to further secure, monitor and govern your APIs being leveraged as part of your MCP. This will be incredibly powerful for both SAP Agents and non-SAP agents.

Image taken from SAP Tech Ed’s IN200v | Empower your agents to be responsible (2025)

How is this relevant to on-premise users?

Users that are on-premise (eg. ECC, S/4HANA on-prem) can leverage Integration Suite to create custom APIs through OData Services or modify prebuilt S/4HANA APIs (see Business Accelerator Hub) and apply additional API policies to reduce security risk. These APIs can then be leveraged in SAP as well as non-SAP agents. However, it is important to consider the rebuild effort of business context and security when accessing SAP data outside of Joule agents (as described in POV 1).

Where else can Integration Suite and SAP help in my Agent Build?

SAP Business Data Graphs! Within Integration Suite you can explore, design, and extend Graph APIs (Odata V4 or GraphQL) for agent consumption.

Think of this as a semantic layer (connecting multiple entities) that sits on top of the API that allows your agent to receive a mix of entities from one central entity – removing the Agent’s effort to combine the entities together.

Graphs are powerful because the projections between data sources (entities) are automatically created between SAP data as SAP leverages the One Domain data model. However, there are also capabilities for developers to extend to non-SAP. Therefore, allowing you to have a simplified semantically rich API ready for Agent consumption with the bonus to apply additional API policies on top of it, resulting in a secure Graph API. For more information on Graph APIs please check out this blog on an Intro to SAP Graphs & Graph in Integration Suite Blog.

An example of this can be seen in the image below that summarizes the demo shown at SAP Tech Ed’s IN200v | Empower your agents to be responsible session. You can see that a user prompts an Agent that leverages MCP API tools with additional governance policies applied to the Graph API. This showcases secure and semantically connected data across SAP Risk assessment, Supplier Plant, and Supplier plant materials entities – resulting in higher performing responsible, relevant and reliable AI Agent response.

 

 

 

Source: Graph – SAP Help

Source: Watch Tech Ed sessions on-demand

 

Next POV?

To check out Part 4 of the Blog Series click: POV 4 – Putting it all Together Across Your Enterprise.

Or click on the following to navigate back to the main menu of POV on How to Approach Custom Agents in the Enterprise – Blog Series.

 

​ This Blog is Part 3 of a Blog series (4 Parts!). Click on the following to navigate back to the main menu of POV on How to Approach Custom Agents in the Enterprise – Blog Series. POV 3: Using Integration Suite as Your Governed MCP Server Platform *Coming Q2/2026If you didn’t have a chance to tune in to SAP Tech Ed’s IN200v | Empower your agents to be responsible (2025) then it is notable that in Q2/2026 SAP Integration Suite’s API Management will allow you to apply additional security policies to APIs in your MCP servers and publish your secure APIs with MCP documentation for Agent consumption via the API and MCP Gateway.Why is this important? MCP allows agents to access external information for systems, APIs, documents all while reducing agent complexity. In summary, agents with a MCP client will rely on the MCP server to provide structured metadata to the APIs/Protocols. However, these APIs within the MCP server will likely not meet all security requirements and pose some security risk.With SAP Integration Suite’s API and MCP gateway, you will be able to apply additional API Policies around multi-protocol connectivity, routing, transformations (eg. JSON to XML), mapping, traffic management, and security requirements to further secure, monitor and govern your APIs being leveraged as part of your MCP. This will be incredibly powerful for both SAP Agents and non-SAP agents.Image taken from SAP Tech Ed’s IN200v | Empower your agents to be responsible (2025)How is this relevant to on-premise users?Users that are on-premise (eg. ECC, S/4HANA on-prem) can leverage Integration Suite to create custom APIs through OData Services or modify prebuilt S/4HANA APIs (see Business Accelerator Hub) and apply additional API policies to reduce security risk. These APIs can then be leveraged in SAP as well as non-SAP agents. However, it is important to consider the rebuild effort of business context and security when accessing SAP data outside of Joule agents (as described in POV 1).Where else can Integration Suite and SAP help in my Agent Build?SAP Business Data Graphs! Within Integration Suite you can explore, design, and extend Graph APIs (Odata V4 or GraphQL) for agent consumption.Think of this as a semantic layer (connecting multiple entities) that sits on top of the API that allows your agent to receive a mix of entities from one central entity – removing the Agent’s effort to combine the entities together.Graphs are powerful because the projections between data sources (entities) are automatically created between SAP data as SAP leverages the One Domain data model. However, there are also capabilities for developers to extend to non-SAP. Therefore, allowing you to have a simplified semantically rich API ready for Agent consumption with the bonus to apply additional API policies on top of it, resulting in a secure Graph API. For more information on Graph APIs please check out this blog on an Intro to SAP Graphs & Graph in Integration Suite Blog.An example of this can be seen in the image below that summarizes the demo shown at SAP Tech Ed’s IN200v | Empower your agents to be responsible session. You can see that a user prompts an Agent that leverages MCP API tools with additional governance policies applied to the Graph API. This showcases secure and semantically connected data across SAP Risk assessment, Supplier Plant, and Supplier plant materials entities – resulting in higher performing responsible, relevant and reliable AI Agent response.   Source: Graph – SAP HelpSource: Watch Tech Ed sessions on-demand Next POV?To check out Part 4 of the Blog Series click: POV 4 – Putting it all Together Across Your Enterprise.Or click on the following to navigate back to the main menu of POV on How to Approach Custom Agents in the Enterprise – Blog Series.   Read More Technology Blog Posts by SAP articles 

#SAP

#SAPTechnologyblog

Avatar for

You May Also Like

More From Author