Enterprise Architecture

Agentic AI

Preview

SAP AI & Agentic Architecture Center

Strategic and technical reference for enterprise architects, AI architects, and CIO/CAIO organisations. Covers SAP Business AI strategy, Joule Agents, multi-agent orchestration, enterprise agent patterns, AI governance, SAP Sapphire announcements, and canonical reference architectures.

SAP AI Strategy

How SAP positions Business AI as an embedded capability across every application, process, and platform layer — not as a standalone product.

SAP defines SAP Business AI as AI that is relevant (grounded in SAP business context and data), reliable (enterprise-grade with human controls), and responsible (governed, auditable, privacy-preserving). This is not a standalone AI product — it is AI embedded at every layer of the SAP Business Suite, delivered through SAP Joule and the SAP AI Foundation platform.

The strategic bet is that AI-powered ERP has a structural advantage over general-purpose AI: SAP systems hold the most complete, trusted representation of enterprise operations — purchase orders, financial ledgers, HR records, supply chains, customer contracts. AI that reasons over this data and can directly act on released APIs creates business value that generic LLMs cannot replicate. SAP calls this the AI-First ERP vision.

SAP Business AI

Definition: AI capabilities embedded natively in SAP business applications (S/4HANA, SuccessFactors, Ariba, Concur) — not bolt-on features. Examples: Joule in Finance, predictive analytics in procurement, intelligent document processing.

AI Foundation

Definition: The underlying platform services — SAP AI Core (compute and MLOps), SAP Generative AI Hub (LLM access), and SAP AI Launchpad (ops UI). AI Foundation is included in RISE with SAP and GROW with SAP entitlements.

AI-First Strategy

SAP embeds AI into every process thread — not as a post-processing overlay. This means SAP engineering teams rebuild workflows around AI agents that can read, reason, and act, with humans confirming high-impact decisions before execution.

SAP Joule

Positioning: SAP's conversational AI copilot embedded across the SAP Business Suite. Not a chatbot — Joule routes user intent to pre-built or custom skills that call released OData V4 APIs with full Principal Propagation and role enforcement.

Joule Agents

Next evolution: Autonomous agents that go beyond single-skill responses to execute multi-step workflows — reading data, forming a plan, calling multiple tools, and surfacing results. Human confirmation required for write operations.

SAP Business Suite + AI

Every flagship SAP product embeds Business AI: S/4HANA (finance, procurement, operations), SuccessFactors (talent, payroll), Ariba (sourcing, contracts), Concur (T&E), Fieldglass (VMS). AI is part of the licence, not a separate purchase.

SAP AI Layer	What it is	Personas	Commercial model
SAP Business AI	Embedded AI capabilities in SAP applications	Business users, process owners	Included in application licence
SAP Joule	Conversational AI copilot across SAP applications	End users, knowledge workers	RISE/GROW included; Joule Booster add-on
Joule Agents	Autonomous multi-step agents on Joule infrastructure	Power users, process experts	Joule Booster + AI Core (CPEA)
AI Foundation	SAP AI Core + Generative AI Hub + Launchpad	Developers, ML engineers, architects	RISE/GROW included (standard); CPEA for extended
SAP AI Core	MLOps platform — train, deploy, serve models	ML engineers, platform teams	CPEA (Resource Units + Inference Units)
Generative AI Hub	20+ foundation models via SAP-managed endpoints	Developers, prompt engineers	CPEA (per 1K tokens per model)

Agentic AI Overview

The shift from copilot assistance to autonomous goal-directed agents that plan, act, and adapt.

What is Agentic AI?

An AI Agent is a software system that combines a large language model with a set of tools and a reasoning loop. The LLM acts as a decision engine — it receives a goal, creates a plan, selects appropriate tools (API calls, database queries, calculations), observes results, and iterates until the goal is achieved or it needs human input.

SAP's implementation uses the ReAct pattern (Reason–Act–Observe) where the agent thinks step-by-step, calls one tool at a time, and refines its reasoning based on what the tool returns — grounded in SAP business context via the Orchestration Service.

Agent vs. Copilot (Assistant)

Goal execution

Responds to one question at a time

Decomposes and executes multi-step goals autonomously

Tool use

Calls one pre-defined skill per intent

Selects from a dynamic toolset; chains multiple API calls

Memory

Single conversation context

Persistent session + long-term memory in HANA Cloud

Human involvement

Every response is reactive to user input

Runs autonomously; surfaces for approval only when required

Error recovery

None — returns response or error message

Retries, reformulates plan, or escalates on failure

Copilot

Agent

Autonomous Workflows

Agents execute workflows that previously required human coordination across systems. Example: month-end close — the agent queries all outstanding items, triggers reconciliation tasks, posts corrections after approval, and generates the close status report. The human role shifts from executor to approver.

Human-in-the-Loop (HITL)

SAP's design principle: agents autonomously read and analyse; humans explicitly approve writes. Confirmation gates are implemented via Joule confirmation cards, SAP Build Process Automation approval steps, or SAP Task Center tasks — all creating a traceable audit log.

Multi-Agent Systems

Complex goals are decomposed across specialised sub-agents running in parallel. An Orchestrator Agent (high-capability LLM) plans and delegates. Specialist Agents(optimised for cost/latency) execute: data retrieval, process execution, RAG knowledge lookups, and escalation routing — then the orchestrator synthesises the final response.

SAP Agent Architecture

How user intent flows from natural language through Joule, the agent reasoning engine, and the tool layer to SAP business systems.

SAP Agent Architecture — User to Business System

Rendering diagram…

User

End user in SAP Fiori Launchpad or Work Zone. Interacts in natural language through the embedded Joule panel.

Joule

SAP Joule classifies intent via the Skill Router and either dispatches to a pre-built skill or routes to a Joule Agent for complex goals.

Agent

LLM-powered reasoning engine (GPT-4o or Claude 3.5). Uses the ReAct loop: reasons about the next action, calls a tool, observes results, repeats.

Tools

Callable functions the agent uses: OData V4 APIs, CAP service functions, Build Process Automation workflows, HANA Vector search, Integration Suite iFlows.

Business Systems

SAP S/4HANA, SuccessFactors, Ariba — the systems of record. Only accessed via released, role-enforced APIs. Never bypassed via direct DB access.

Multi-Agent Orchestration Pattern

Multi-Agent Orchestration — Planner and Specialist Agents

Rendering diagram…

Availability: Full multi-agent orchestration with dynamic agent-to-agent delegation is on the SAP Road Map. As of 2025, the Orchestration Service and Joule Studio skills provide the foundation. Validate current availability on SAP Discovery Center and the SAP Road Map (roadmaps.sap.com) before architecture commitments.

Joule Agents

Building autonomous agents on the Joule infrastructure using Joule Studio and the emerging Agent Builder.

Joule Agent Builder

The Joule Agent Builder (Preview — SAP Road Map) is a guided, low-code tool within Joule Studio for defining agent personas, goals, tool sets, and escalation rules. It generates the agent skeleton TypeScript code and registers the agent with the Joule Skill Catalogue so it appears in the Joule panel.

Joule Agent Builder is in Preview as of mid-2025. Custom agent development today uses Joule Studio skill SDK directly. Verify roadmap status at SAP Discovery Center.

Agent Design Principles

Single Responsibility: Each agent is designed for one domain (Finance, HR, IT). Avoids cross-domain coupling and maintains clear security boundaries.
Tool-First Design: Define the tool set before writing agent logic. Tools are reusable across agents — a "Get PO Status" tool is shared by Finance, Procurement, and Reporting agents.
Fail Safe by Default: On any uncertainty, the agent surfaces to the user for clarification rather than taking a default action. No silent failures.
Idempotent Write Tools: All tool functions that modify data are designed to be idempotent — calling them twice has the same effect as once. Prevents double-posting.
Minimal Privilege: Agent service account has exactly the OData scopes needed. No wildcard roles. Audited separately from the human user scopes.

Skills

Skills are the fundamental capability units within Joule. Each skill handles a specific intent (e.g. “check leave balance”). An agent is effectively a skill that can chain multiple other skills and API calls within a single goal-directed conversation thread.

Actions

Actions are the executable operations an agent can take: calling an OData API, triggering a Process Automation workflow, posting to Event Mesh, querying HANA Vector Engine, or asking the user a clarifying question via ctx.clarify().

Knowledge Sources

Agents can be grounded with company-specific knowledge: internal policies, process documentation, product catalogues, SAP Help content. Knowledge is indexed as vector embeddings in HANA Cloud and retrieved automatically at query time via the Orchestration Service's Grounding Module.

Context Management

Session context (user identity, active work object, prior conversation turns) is persisted in HANA Cloud. The agent accesses context via ctx.sessionContext. Long-term user preferences and delegation rules can be stored as persistent entities linked to the user's BTP identity.

Enterprise Agent Patterns

Complete architecture, workflow, API, and security reference for five production-grade Joule Agent patterns.

HR Agent

Employee self-service, leave, payroll, and HR processes

The HR Agent handles employee queries across SuccessFactors — leave balances, payslip access, holiday calendars, and benefit enrolment — and can initiate leave requests subject to manager confirmation. It uses RAG over company HR policies to ground all answers in official documentation.

Architecture

Joule Studio skill with SuccessFactors OData V2 tools
HANA Vector Engine — HR policy knowledge base
SAP IAS Principal Propagation for employee identity
Build Process Automation — leave approval workflow
SAP Task Center — manager approval task

Workflow Steps

1Employee asks: "How many leave days do I have?"
2Agent calls SF OData API: GET /LeaveBalance
3Checks policy RAG: entitlement rules for employee type
4Responds with balance + policy context
5If booking: presents confirmation card for employee
6On confirm: POST /TimeOff → triggers manager workflow
7Manager approves in Task Center → agent notifies employee

SAP APIs

SF: GET /LeaveBalanceOData V2
SF: POST /TimeOffOData V2
SF: GET /PayStatementOData V2
BPA: Trigger leave workflowREST
Task Center: Create taskREST

Security Controls

Principal Propagation: employee JWT to SuccessFactors
SAP IAS: single sign-on, MFA enforced
Least-privilege scope: only HR OData scopes
PII masking in Orchestration Service
Audit log: every API call logged with user + timestamp

Procurement Agent

Purchase requisitions, PO tracking, supplier information, approval routing

The Procurement Agent manages the full purchase-to-pay cycle from within the Joule panel. It reads PO and PR status from S/4HANA, retrieves supplier data from Ariba, recommends vendors using Gen AI Hub reasoning over historical spend data, and routes approvals through configured approval workflows.

Architecture

S/4HANA OData V4: MM purchasing APIs
SAP Ariba Network API for supplier data
HANA Cloud: spend analytics + supplier scoring
Gen AI Hub: vendor recommendation reasoning
Build Process Automation: multi-level approval workflow

Workflow Steps

1User: "Create a PR for 50 Dell laptops under IT budget"
2Agent retrieves approved vendor list from Ariba
3LLM scores vendors by price/quality/delivery from HANA data
4Presents recommendation with justification to user
5User confirms vendor and quantity
6Agent calls POST /PurchaseRequisition in S/4HANA
7Triggers multi-level approval workflow via BPA

SAP APIs

S/4: GET /PurchaseOrderOData V4
S/4: POST /PurchaseRequisitionOData V4
Ariba: GET /SuppliersREST
HANA: Spend analytics viewSQL / OData
BPA: Approval workflow triggerREST

Security Controls

Role-based purchasing limits enforced at API layer
Ariba API key stored in BTP Destination Service (no hardcode)
Spend limit validation before PR creation
Dual-control: buyer creates, manager approves
SAP GRC integration for compliance checks (roadmap)

Finance Agent

G/L queries, FI period close, variance analysis, journal entries

The Finance Agent accelerates period-close activities by autonomously querying G/L accounts, identifying discrepancies, generating variance commentary using Gen AI Hub, and routing journal entry approvals through the finance controller. It replaces hours of manual query-and-report cycles.

Architecture

S/4HANA FI OData V4: G/L, controlling, cost centres
SAP Analytics Cloud API: actuals vs. plan data
Datasphere: consolidated financial data fabric
Gen AI Hub (GPT-4o): variance narrative generation
Orchestration Service: grounded on accounting policies

Workflow Steps

1CFO asks: "Summarise Q3 variance vs. plan by cost centre"
2Agent queries SAC API for actuals and plan data
3Retrieves cost centre structure from S/4HANA
4LLM analyses variance, generates narrative per cost centre
5RAG: grounds narrative against accounting policy docs
6Presents board-ready summary with top 3 variances
7CFO requests journal correction → triggers FI approval

SAP APIs

S/4: GET /GLAccountOData V4
S/4: POST /JournalEntryOData V4
SAC: GET /PlanDataREST API
Datasphere: Consumption APIOData V4
Gen AI Hub: Chat completionsAI API

Security Controls

FI posting period controls enforced via S/4HANA authorisation
Journal entries: maker-checker approval mandatory
Sensitive financial data: Orchestration PII masking enabled
SOD (Segregation of Duties): agent cannot both post and approve
All G/L queries logged in SAP Security Audit Log

IT Service Agent

Incident creation, ticket status, ITSM workflows, knowledge base search

The IT Service Agent deflects Level 1 ITSM tickets through intelligent self-service. It searches the IT knowledge base via RAG, creates incidents if self-service fails, monitors ticket progress, and escalates to on-call engineers. Integrates with ITSM tools via SAP Integration Suite.

Architecture

SAP Integration Suite: ITSM connector (ServiceNow / Jira)
HANA Vector Engine: IT knowledge base (KB articles)
Gen AI Hub: solution recommendation with RAG grounding
Build Process Automation: escalation workflow
SAP Event Mesh: real-time ticket status notifications

Workflow Steps

1Employee: "My VPN is not connecting from home"
2Agent: RAG search of KB → finds VPN reset procedure
3Presents step-by-step fix with screenshots (if found)
4If unresolved: "Shall I create an incident?" → confirm
5POST incident via Integration Suite → ITSM tool
6Agent monitors via Event Mesh for status updates
7Notifies employee when ticket is assigned/resolved

SAP APIs

Integration Suite: POST /IncidentiFlow REST
Integration Suite: GET /Ticket/{id}iFlow REST
HANA Vector: KB searchSQL cosine similarity
Event Mesh: ticket-updates topicAMQP / REST
Gen AI Hub: Orchestration (RAG)AI API

Security Controls

ITSM access via Integration Suite OAuth2 client credentials
KB articles: role-filtered (no access to security-classified docs)
Incident creation limited to reporting user's own assets
Escalation: PagerDuty/on-call only via Integration Suite (not direct)
Content filter: blocks requests to query other users' tickets

Project Management Agent

Project status, milestone tracking, resource planning, risk reporting

The Project Management Agent provides real-time project intelligence from SAP Project System and SAP PPM. It reads milestone progress, identifies at-risk deliverables using LLM reasoning, suggests corrective actions grounded in PMO policies, and creates status reports for programme governance.

Architecture

S/4HANA Project System OData V4 APIs
Datasphere: consolidated project data + KPIs
HANA Vector Engine: PMO policies and templates
Gen AI Hub: risk narrative and corrective action
SAP Analytics Cloud: programme dashboard data

Workflow Steps

1PMO asks: "Which projects are at risk this quarter?"
2Agent queries all active projects from PS APIs
3Calculates SPI/CPI (Schedule/Cost Performance Index)
4LLM identifies risk patterns, cross-references PMO policy (RAG)
5Generates risk register with root causes and recommendations
6Creates SAC dashboard update with narrative commentary
7Optionally: creates corrective action tasks in Work Zone

SAP APIs

S/4: GET /Project + MilestonesOData V4
S/4: GET /WBSElementOData V4
Datasphere: GET /ProjectKPIsOData V4
SAC: GET /PlanVsActualREST API
Work Zone: POST /TaskREST API

Security Controls

Project data access: role-filtered to user's portfolio
No cross-project data leakage in multi-tenant scenarios
RAG knowledge: PMO policies filtered by classification level
Report output: cannot include budget data without FI role
Audit trail: every project query logged with requestor identity

AI Governance

SAP's framework for Responsible AI, security controls, auditability, data privacy, and regulatory compliance.

SAP Responsible AI Framework

SAP Responsible AI is built on five commitments, published by SAP and embedded into every Business AI capability. These are not aspirational statements — they map to specific technical controls in AI Core and the Orchestration Service.

Reliable: AI outputs are grounded in SAP business data. RAG retrieval reduces hallucination. Human-in-the-loop for writes.

Private: Prompts processed within SAP infrastructure. PII masking via Orchestration Service. Data never used for model retraining.

Safe: Content filtering (Azure AI Content Safety) on all LLM inputs and outputs. Configurable harm category thresholds.

Transparent: AI decisions include source citations. Groundedness check flags unverified responses. Audit log for all agent actions.

Accountable: Human approval required for all system-of-record writes. Every action linked to a user identity and role context.

Security Controls

Principal Propagation: User JWT forwarded from BTP to S/4HANA via Destination Service OAuth2 SAML Bearer. No service-account escalation for user-initiated actions.
Least-Privilege API Scopes: Agent service accounts hold only the OData scopes required for defined tools. Reviewed during Joule Studio security review.
BTP Destination Service: All credentials (API keys, OAuth client secrets) stored in BTP Destination Service. Never hardcoded in agent code or templates.
Network Isolation: AI Core and Gen AI Hub run in SAP-managed VPCs. Private Link available for S/4HANA on-premise connectivity. No public internet exposure of backend APIs.
Content Filtering: Azure AI Content Safety filters on all LLM input/output via Orchestration Service. Configurable per deployment.

Auditability

SAP Security Audit Log: All Joule skill invocations and agent API calls logged in S/4HANA Security Audit Log with user, timestamp, and action.
BTP Audit Log Service: BTP-side agent actions logged in the BTP Audit Log Service — available for SIEM integration via Cloud Logging Service.
HITL Audit Trail: Every human confirmation (approve / reject / modify) creates an immutable record in Build Process Automation or Task Center.
Token Usage Tracking: Gen AI Hub tracks token consumption per resource group and user context. Supports chargeback reporting by cost centre.

Data Privacy

Data residency: All Gen AI Hub inference occurs within SAP-operated infrastructure in the configured BTP region. Prompts are never forwarded directly to model vendor endpoints — SAP is the data controller.

PII masking: The Orchestration Service applies PII detection and anonymisation to prompts before LLM calls. De-anonymisation applied to the response before returning to the user. Masked PII never exposed to model providers.

Data Processing Agreement: SAP Gen AI Hub is covered by SAP's standard DPA. Customer data is not used for model retraining by any third-party model provider under SAP's agreements.

Retention: Conversation logs in HANA Cloud subject to configurable retention policies. No permanent retention of prompt content by SAP AI infrastructure.

Compliance

EU AI Act: SAP classifies most SAP Business AI capabilities as Limited Risk (transparency obligations). SAP provides compliance documentation for customers' own AI Act assessments.
GDPR / Data Protection: Data residency in EU BTP regions (EU10, EU11). PII masking. Data subject rights supported via SAP Privacy Governance.
SOX / Financial Controls: Finance Agent patterns include segregation of duties controls. Maker-checker enforcement at the OData API layer.
ISO 27001 / SOC 2: SAP AI Core and Gen AI Hub are in scope for SAP's BTP ISO 27001 and SOC 2 Type II certifications. Documentation available via SAP Trust Center.
Industry-Specific: SAP Healthcare, Financial Services, and Public Sector industry clouds have additional compliance controls layered over AI Foundation services.

SAP Sapphire & Key AI Announcements

Availability status for major SAP AI capabilities announced at SAP Sapphire 2025 and through recent SAP Road Map updates.

Availability status reflects SAP official announcements and Road Map entries as of 2025. Always verify current availability on SAP Discovery Center, the SAP Road Map Explorer (roadmaps.sap.com), and the SAP Help Portal before architecture commitments. Planned and Roadmap items are subject to change.

Status:Generally AvailablePlannedRoadmapFuture Direction

Generally Available

SAP Joule — Core skills in S/4HANA Finance, HR, Procurement

11+ GA skills for RISE/GROW customers including F0717 (G/L), F2238 (HR overview), F0974 (PO tracking).

Generally Available

SAP Generative AI Hub — 20+ foundation models

GPT-4o, Claude 3.5, Gemini 1.5 Pro, Llama 3, Mistral Large, DALL-E 3, embedding models — Generally Available.

Generally Available

SAP AI Core — Standard plan with GPU compute

Multi-model deployment, custom training (BYOM), Argo Workflows, Resource Groups — Generally Available.

Generally Available

Gen AI Hub Orchestration Service (RAG + Filtering)

Declarative RAG grounding with HANA Vector Engine, PII masking, content filtering — Generally Available.

Generally Available

SAP AI Foundation (RISE/GROW included)

AI Core + Gen AI Hub access bundled into RISE with SAP and GROW with SAP entitlements.

Generally Available

SAP Build Code — Joule for developers

AI pair programmer in SAP Build Code: code generation, unit test generation, CDS explanation — Generally Available.

Generally Available

Business Data Cloud (BDC)

Unified AI-ready data fabric combining Datasphere + SAC + HANA Cloud + Delta Sharing — Generally Available.

Generally Available

HANA Cloud Vector Engine — REAL_VECTOR columns + ANN index

Native vector storage and similarity search in HANA Cloud. COSINE_SIMILARITY function — Generally Available.

Generally Available

Joule in SAP Analytics Cloud — Smart Insights narration

Gen AI Hub-powered report narration and dashboard insights — Generally Available in SAC.

Generally Available

Llama 3 fine-tuning (BYOM) on AI Core

LoRA-based fine-tuning of open-weight models on proprietary data within AI Core — Generally Available.

Planned

Joule Agent Builder — low-code agent authoring UI

Visual agent design in Joule Studio. Planned for H2 2025 — SAP Road Map. Not yet Generally Available.

Planned

Joule Agents — extended autonomous workflows

Agent execution of multi-step S/4HANA and SuccessFactors workflows. Planned — SAP Road Map.

Planned

Structured output enforcement (JSON Schema in Orchestration)

Enforce a typed JSON schema on LLM output via Orchestration Service. Planned — SAP Road Map.

Planned

Streaming via Orchestration Service (SSE)

Server-sent events streaming through the Orchestration pipeline. Planned — SAP Road Map.

Planned

SAP Joule in Datasphere — natural language data queries

Joule copilot for Datasphere space navigation and data model queries. Planned — SAP Road Map.

Roadmap

Multi-Agent Orchestration — dynamic agent-to-agent delegation

Planner/specialist agent patterns with SAP-managed orchestration framework. On the SAP Road Map (2026 horizon).

Roadmap

SAP GRC + AI — automated compliance monitoring agents

AI agents for continuous SOD monitoring, audit sampling, and compliance reporting. SAP Road Map item.

Roadmap

AI-powered predictive maintenance (SAP PM + AI Core)

Proactive maintenance scheduling using ML models on equipment sensor data. On the SAP Road Map.

Future Direction

Autonomous ERP — AI agents managing end-to-end processes

Self-managing business processes with exception-only human involvement. SAP Future Direction — no committed date.

Future Direction

Graph RAG — entity and relationship-aware retrieval

Knowledge graph traversal combined with vector search for richer context retrieval. SAP Future Direction.

AI Reference Architectures

Five canonical enterprise AI architectures for SAP solutions — from S/4HANA+Joule to Business Data Cloud+Joule.

S/4HANA + Joule

Production-ready architecture for Joule-enabled SAP S/4HANA — on-premise, RISE (PCE), or GROW (Public Cloud).

Reference Architecture A — S/4HANA + Joule

Rendering diagram…

When to use

Standard Joule deployment for RISE/GROW customers. All pre-built skills (Finance, HR, Procurement) plus optional custom skills via Joule Studio.

Key constraints

Joule only calls released OData V4 APIs. No ABAP modifications. S/4HANA 2023+ required. BTP connectivity via Cloud Connector (on-prem) or internal (PCE).

Security pattern

Principal Propagation via BTP Destination Service. User JWT exchanged for SAML assertion. S/4HANA authorisation enforced at API layer — no elevation.

CAP + Joule

Custom Joule Agent backed by a CAP service — for domain-specific business logic and composite scenarios.

Reference Architecture B — CAP + Joule Agent Flow

End User

Fiori / Work Zone

Joule Panel

Intent + Slot Filling

Joule Agent

Reasoning + Tool Selection

CAP Service

CDS Action / Function

S/4HANA Backend

OData V4 Released API

CAP Role

CAP service exposes typed CDS action as a Joule tool. Handles business logic, S/4HANA OData calls, and data transformation — the agent calls it as a single action.

Agent Tools

The Joule Agent tool definition maps to the CAP action URL. Tool schema (JSON Schema) is defined in the Joule Studio skill descriptor.

Auth Pattern

Joule → CAP: XSUAA JWT (BTP user identity). CAP → S/4HANA: Principal Propagation via Destination Service. CAP XSUAA scopes enforce access.

Deployment

CAP on Cloud Foundry or Kyma. Multi-tenant with IAS tenant routing. AI Core skill container separately deployed and registered in Joule Studio.

Work Zone + Joule

Digital workplace experience with Joule embedded — Task Center, approval workflows, and notification-driven agent handoffs.

Reference Architecture C — Work Zone + Joule Agent Flow

Employee

Work Zone Homepage

Joule in Work Zone

Embedded panel

Joule Agent

Task decomposition

Task Center

Unified task inbox

Process Automation

Approval workflow

System of Record

S/4HANA / SuccessFactors

Work Zone Role

SAP Build Work Zone (Advanced Edition) is the single entry point. Joule panel appears across all apps in the launchpad. Task Center aggregates tasks from S/4HANA, SuccessFactors, and BPA workflows.

Agent Integration

Joule Agents initiated from Work Zone operate in the context of the active Work Zone tile or My Inbox task. Context (document ID, process step) is passed to the agent via ctx.appContext.

AI Core + Joule

Joule Studio custom skills with AI Core as the execution engine — for RAG-grounded, LLM-powered agent capabilities.

Reference Architecture D — AI Core + Joule Skill Execution

User / Application

Joule or custom app

Joule Studio Skill

Custom agent logic (TS)

SAP AI Core

Skill execution engine

Orchestration Svc

RAG + template + filter

Gen AI Hub LLM

GPT-4o / Claude 3.5

Skill Execution

Joule Studio skills run as Docker containers on AI Core compute. The skill TypeScript handler calls ctx.callApi() for OData, ctx.searchKnowledge() for RAG, and ctx.generateResponse() for LLM calls.

Orchestration

The Orchestration Service provides the RAG pipeline: embed query → HANA Vector search → inject context → LLM call → content filter. Skills call the Orchestration endpoint, not the LLM directly.

Model Selection

Skill handlers can override model selection per call — GPT-4o for complex reasoning, Claude 3.5 for document analysis, GPT-4o mini for low-latency responses. All routed via Gen AI Hub.

Business Data Cloud + Joule

AI-powered analytics and natural language data access — Joule over Datasphere and SAC for strategic decision support.

Reference Architecture E — Business Data Cloud + Joule

Rendering diagram…

BDC Role

Business Data Cloud (BDC) creates a unified, governed data fabric from S/4HANA, SuccessFactors, and external sources. Datasphere handles integration and semantic modelling; SAC provides BI and planning.

Joule AI Layer

Joule provides natural language query over the BDC data model. The Gen AI Hub Orchestration Service retrieves relevant fact data and business definitions from the HANA Vector Engine before LLM reasoning.

Use Cases

Executive Q&A: "What drove the EBITDA miss in Q3?" Report narration (SAC Smart Insights). Predictive planning assistance. Cross-domain analysis combining HR, Finance, and Supply Chain data.

Reference Architecture Selection Guide

S/4HANA + Joule

RISE/PCE — pre-built Joule skill catalogue

Layers

Fiori Launchpad / Work Zone

Joule Panel + Skill Router

Pre-built Skill Catalogue

BTP Destination (PP)

S/4HANA OData V4 APIs

Key Components

Joule Booster entitlement

BTP Connectivity (CC/BTP CF)

SAP IAS + SPS

S/4HANA 2023+ required

Use Cases

Finance Joule skills

HR self-service

Procurement queries

Month-end assistance

CAP + Joule

BTP side-by-side — custom Joule Studio skills

Layers

Joule Panel

Joule Agent (Joule Studio)

CAP Service (OData V4 action)

CAP → S/4HANA PP

Key Components

Joule Studio (custom skill)

CAP on CF/Kyma

XSUAA + IAS

Destination Service

Use Cases

Custom domain logic

Composite processes

Cross-system agents

ISV extensions

Work Zone + Joule

Digital workplace with embedded conversational AI

Layers

Work Zone (Advanced Ed.)

Joule Panel (embedded)

Task Center

BPA Workflows

Key Components

Work Zone Advanced Edition

Task Center configuration

BPA workflows

Joule Booster

Use Cases

Employee self-service portal

Approval workflows

Digital workplace AI

Task-driven agents

AI Core + Joule

Custom LLM workflows via Orchestration Service + RAG

Layers

Joule Panel

Joule Studio Skill (TS)

AI Core (execution)

Orchestration Service

Gen AI Hub (LLM)

Key Components

AI Core Standard plan

Orchestration Service

HANA Vector Engine

Gen AI Hub 20+ models

Use Cases

RAG-grounded agents

Custom LLM workflows

Knowledge base Q&A

Document intelligence

BDC + Joule

Natural language analytics across enterprise data domains

Layers

SAC + Datasphere

Business Data Cloud

Gen AI Hub + RAG

Joule natural language layer

Key Components

Business Data Cloud licence

HANA Vector Engine

SAC Smart Insights

Gen AI Hub CPEA

Use Cases

Executive NL analytics

Report narration

Predictive planning

Cross-domain insight

Licensing

Commercial model for SAP Business AI, Joule, AI Foundation, AI Core, and Generative AI Hub.

Joule

Generally Available· GA — core skills GA; Joule Booster GA for RISE customers; advanced skills vary

SAP's generative AI copilot embedded across SAP applications — providing natural language interaction for navigation, transactions, insights, and code generation across the SAP portfolio.

RISESubscription

Active Users

Core Joule skills included in RISE with SAP. Joule Booster (additional skill pack) is a separate entitlement for RISE customers. Standalone access requires SAP AI Business Services licensing.

✓ RISE with SAP

Discovery Center Full details

AI Core

Generally Available· GA

SAP's MLOps service on SAP BTP — providing infrastructure for AI model training, deployment, serving, and lifecycle management including access to the Generative AI Hub.

CPEA

Resource UnitsInference UnitsStorage (GB)

CPEA consumption-based: Resource Units for model training/serving, Inference Units for production AI workloads. Storage charged separately.

Discovery Center Full details

Generative AI Hub

Generally Available· GA — 20+ foundation models available; model catalogue continuously updated

SAP's curated access point for 20+ foundation models (GPT-4o, Claude, Gemini, Llama, DALL-E, and SAP-specific models) — with data privacy, usage tracking, and SAP context grounding.

CPEA

TokensInference Units

Access via SAP AI Core (Standard plan). Token consumption billed per model per 1,000 tokens. All inference processed within SAP-operated infrastructure for data sovereignty.

Discovery Center Full details

SAP Business AI — Licensing by Deployment Model

Capability	RISE with SAPS/4HANA Private CloudGenerally Available	GROW with SAPS/4HANA Public CloudGenerally Available	Joule BoosterRISE/GROW add-onGenerally Available	CPEA (AI Core / Gen AI Hub)Consumption-basedGenerally Available
SAP Joule — Core Skills
Joule panel in Fiori Launchpad				n/a
S/4HANA Finance skills (11 GA)				n/a
SuccessFactors HR skills				n/a
Joule in Work Zone	Work Zone licence	Work Zone licence	Booster includes	n/a
Joule Booster Features
Extended skill packs (Procurement, Sales)				n/a
Custom Joule skills (Joule Studio)				n/a
Joule Agent Builder (Preview)			Planned	n/a
Automated BTP provisioning (Booster)				n/a
AI Foundation (Platform)
SAP AI Core — Standard plan	Included (limited)	Included (limited)	Extended via Booster	Full (CPEA)
Gen AI Hub — model access	Included (limited)	Included (limited)	Extended model access	Full 20+ models
Orchestration Service (RAG)	Included	Included	Included	Included
SAP AI Launchpad	Separate sub.	Separate sub.	Separate sub.	Separate sub.
Custom AI / MLOps (CPEA)
AI Core training executions (GPU)	n/a	n/a	n/a	Resource Units
Inference deployments (serving)	n/a	n/a	n/a	Inference Units
Token consumption (LLM calls)	n/a	n/a	n/a	Per 1K tokens / model
BYOM fine-tuning	n/a	n/a	n/a	AI Core Standard required

AI Units (AIU) — Consumption Metric

AI Units (AIU) are the SAP commercial unit for Business AI services consumed under CPEA. Different AI actions consume different quantities of AI Units:

LLM inference (Gen AI Hub): measured per 1,000 tokens, rate varies by model (GPT-4o vs. Llama 3)
AI Core training (GPU compute): measured in Resource Units per GPU-hour
Inference serving (model deployment): measured in Inference Units per pod-hour
Vector search (HANA Vector Engine): included in HANA Cloud licence — no separate AI Unit charge
Orchestration Service: no additional AI Unit charge beyond the underlying LLM token cost

Licensing Key Considerations

RISE/GROW includes AI Foundation

AI Core and Gen AI Hub access at a base level are included in RISE with SAP and GROW with SAP. Extended usage (more models, GPU training) requires CPEA top-up.

Joule Booster is an add-on to RISE/GROW

Joule core skills are included in RISE/GROW. The Joule Booster is a separately priced entitlement that unlocks extended skills, Joule Studio, and Agent Builder (Preview).

No separate AI licence for embedded Business AI

SAP Business AI features embedded in S/4HANA, SuccessFactors, Ariba — such as predictive analytics, intelligent matching, and smart suggestions — are included in the application licence.

CPEA for custom AI development

Custom ML model training, custom inference deployments, and high-volume Gen AI Hub usage are CPEA consumption-based. Budget projections require AI Unit estimates from SAP account team.

Licensing terms and AI Unit rates are subject to change. This reference reflects publicly available SAP information as of 2025. Always obtain a current quote from your SAP account executive and validate entitlements against your specific RISE/GROW contract before implementation commitments.