Managing Indirect Access

FlexNet Manager Suite 2019 R1 (On-Premises Edition)

Every user who accesses SAP software directly or indirectly requires an SAP Named User license. Direct access means that a user directly accesses an SAP system. Indirect access means that a user accesses SAP software or SAP data via a remote (third-party) system. For example, a user who logs on to an HR portal, which in turn connects to an SAP system, indirectly accesses the SAP system.

Types of indirect access include the following:

  • A remote (non-SAP) system communicates with an SAP system via remote function call (RFC), using one or more SAP service accounts.
  • A remote (non-SAP) system communicates with an SAP system via web services, using one or more SAP service accounts.
  • A remote (non-SAP) system communicates with an SAP system via SAP Process Integration (PI), using one or more SAP service accounts.
  • An SAP system is used to generate a file containing data from SAP software. This file is then distributed to or used by many users or other non-SAP systems.

In all of these instances, a user does not log on directly to an SAP system. FlexNet Manager for SAP Applications can recognize indirect access that occurred via RFC, and collects relevant evidence. This evidence can be split into two categories: SAP user account evidence and remote system evidence.

With FlexNet Manager for SAP Applications, you can manage instances of indirect access and reduce potential liabilities due to indirect access. FlexNet Manager for SAP Applications helps your organization to consolidate user accounts from non-SAP systems with those from SAP systems so that if the same people are using SAP and non-SAP systems, the total number of Named User licenses that are required is unchanged even when including non-SAP systems.