Skip to Main Content

API wrappers in legacy systems for licensing cost control

Article: API wrappers in legacy systems
Publication date: July 2, 2026

An API wrapper is an intermediary software layer that enables communication between external applications and legacy systems. In environments such as SAP ECC, for example, it allows organizations to control which data is accessed, how it is accessed, and even which operations are allowed to reach the organization’s ERP core.

This approach is particularly important given that, according to estimates attributed to Gartner, 61% of SAP customers still operate on SAP ECC (ERP Central Component) and have not yet completed their migration to SAP S/4HANA.

In this article, we explain how an API wrapper, together with an abstraction layer, can be used to connect legacy systems with artificial intelligence solutions while avoiding unplanned licensing costs and protecting access to information stored in external applications.

What are API wrappers and how do they work?

An API wrapper is an intermediary layer that simplifies communication between an application and an API. Its primary purpose is to translate, adapt, and simplify requests, allowing consuming systems to interact with exposed services without needing to understand their internal implementation details, communication protocols, or underlying data structures.

Through this abstraction layer, applications can work with the language, format, or data model that best suits their needs, while the wrapper transforms requests and responses to ensure compatibility with the target API. This approach reduces system coupling and makes future modifications or migrations significantly easier without impacting consuming applications.

API-based abstraction also provides operational and governance benefits. By centralizing service access, organizations can:

  • Restrict queries to only the information required for each use case.
  • Apply authentication, authorization, and access control policies consistently.
  • Standardize input and output data formats.
  • Implement validation, auditing, and monitoring mechanisms.
  • Eliminate redundant API calls and unnecessary processing in core systems.

As a result, the business core is protected from inefficient or unauthorized direct access while reducing operational overhead.

API Wrapper Functional Diagram as an Abstraction Layer

API Wrapper Functional Diagram as an Abstraction Layer

The future of business is changing rapidly. Is your enterprise architecture ready for the impact? Find out here: Enterprise Architecture trends for APIfication in 2025

How much does it cost organizations to connect AI to legacy systems?

The global legacy application modernization market reached USD 11.26 billion in 2025 and is projected to grow to USD 43.36 billion between 2026 and 2034, representing a compound annual growth rate (CAGR) of 16.08%, according to Market Data Forecast.

The challenge is that organizations continue to allocate more than half of their IT budgets to maintaining enterprise systems they have no immediate plans to replace.

Under SAP Digital Access Licensing (DAL), organizations are charged based on the volume of billable documents generated by external sources, such as:

  • SD invoices
  • MM purchase orders
  • LE deliveries

This means that when AI agents or mobile applications access the SAP ECC core directly, every request may be counted as a billable document. Without an abstraction layer that filters, consolidates, and caches these requests, controlling escalating licensing costs becomes virtually impossible.

Some industry experts also attribute to Gartner an estimate suggesting that organizations without a proactive modernization strategy may spend up to 40% of their IT budget on maintenance alone.

Real-world example: Global textile enterprise

A multinational textile company deployed a mobile application that enabled its sales network to check real-time inventory availability.

To improve operational efficiency, the company also introduced automation workflows to optimize inventory responses. However, in the initial architecture, both the mobile application and the automation platform connected directly to the SAP ECC core, without any intermediate abstraction layer.

The result was significant:

  • The n8n automation platform executed 25 workflows simultaneously, each querying inventory more than 500 times per day.
  • Because there were no caching policies or Change Data Capture (CDC) mechanisms, every request reached the ERP directly. As a result, the volume of billable transactions increased dramatically from the contractual baseline of 12,000 to 45,600 transactions per month.
  • SAP identified this traffic under its Digital Access Licensing (DAL) model and imposed a 280% penalty during the first quarter. This resulted in an additional licensing cost of €340,000, on top of a contractual baseline of €120,000.

The technical team lacked an Anti-Corruption Layer (ACL), caching policies, Request Collapsing mechanisms to consolidate identical requests, and even an observability platform capable of detecting abnormal traffic before the licensing penalty was applied.

In this scenario, the solution is to deploy a preventive abstraction layer built around the following components:

  • Cache-Aside Pattern: Absorbs high-volume, high-frequency inventory reads within the intermediate layer, preventing repetitive requests from reaching the ERP.
  • Change Data Capture (CDC): Keeps data synchronized asynchronously in real time. The intermediate layer is updated only when inventory changes occur, without interacting directly with the transactional core.
  • Throttling by License Tier: Regulates inbound traffic by restricting AI queries to the read-only tier while limiting write operations performed by autonomous agents to controlled time windows and daily quotas.

This architecture dramatically stabilizes the number of billable transactions at approximately 18,500 per month, keeping usage safely below the contractual penalty threshold. As a result, organizations can protect their licensing budget and eliminate unnecessary spending without modifying a single line of SAP code.

Textile Company Architecture: Before and After the Solution

Textile Company Architecture: Before and After the Solution

Look to the Future: Learn About Best Practices in AI Governance to Optimize Your Architecture and Operations: AI governance: best practices for architecture and operations

How to implement non-intrusive APIfication: a vendor-agnostic abstraction layer for legacy systems

To implement an abstraction layer that prevents digital access licensing costs from spiraling in legacy platforms such as SAP or even IBM AS/400, the first step is to deploy an API Gateway.

However, it is equally important to complement the gateway with a specialized abstraction and governance layer, together with technical patterns—such as data replication and caching—designed to comply with licensing rules and contractual requirements. An API wrapper is the ideal component for implementing this abstraction.

Unlike an API Gateway, which primarily routes traffic, an API wrapper provides additional capabilities, including:

  • Transaction Batching: If a mobile channel generates 50 small interactions that would normally be counted as 50 individual documents under SAP Digital Access Licensing, the wrapper retains, consolidates, and processes those interactions externally. It then submits a single consolidated document to the SAP core, reducing licensing costs by replacing fifty billable transactions with just one.
  • Read-Only Offloading: The wrapper implements the Cache-Aside and Change Data Capture (CDC) strategies described earlier. When an AI system requests inventory information or invoice status, the wrapper responds directly from its optimized external data store. Because these read operations never reach the SAP core, digital access costs for reads are effectively eliminated.

An additional interaction layer that can further enhance this architecture is the Backend for Frontend (BFF) pattern. The BFF consumes the generic data exposed by the wrapper and reshapes it to meet the specific needs of each microservice, application, or AI model through channel-specific adapters.

CTA: Develop a secure and efficient API management strategy

Why implement an anti-corruption layer between legacy systems and modern channels?

The Anti-Corruption Layer (ACL) pattern isolates API consumers from internal changes within the legacy core. It acts as a translator between proprietary or complex protocols—such as SOAP or BAPI—and modern REST interfaces.

By defining integration contracts independently of the ERP, the ACL ensures that updates to the core system do not break digital channels or downstream applications. It also serves as a first line of defense, blocking unauthorized operations that could generate unexpected licensing costs.

For legacy environments, Change Data Capture (CDC) complements the ACL. Instead of querying the core system for every request, CDC automatically detects changes in the source data and replicates them in real time to the abstraction layer.

As a result, applications and AI agents retrieve information directly from this external replica rather than interacting with the transactional system.

You may also be interested in: API First: What It Is, Its Benefits, and How to Implement It with Security, Governance, and Scalability

Request collapsing and cache-aside: reducing calls to the core system

Request Collapsing and Cache-Aside further strengthen the protection of the core system, particularly during periods of heavy traffic.

  • Request Collapsing acts as an intelligent funnel. If one hundred AI agents request the same inventory item (SKU) at exactly the same moment, the system consolidates those requests into a single transaction sent to SAP, then distributes the response to every requester simultaneously.
  • Cache-Aside temporarily stores successful responses in a high-speed cache with a predefined Time-to-Live (TTL). Any subsequent request for the same information is served instantly from the cache, avoiding unnecessary calls to the ERP.

Throttling by License Tier: Controlling Traffic Based on Access Level

Throttling by License Tier allows organizations to enforce rate limiting at the legacy system boundary by defining two distinct access tiers:

  • Read Tier: Low-cost operations served externally through cache or CDC.
  • Write Tier: Higher-cost operations that require authorization and can only be executed within controlled time windows.

Combined with real-time observability of the organization’s licensing footprint, this approach enables continuous monitoring of accumulated billable documents throughout the contract period.

The system can generate proactive alerts as traffic approaches contractual thresholds, allowing teams to tighten policies or slow down non-critical processes before licensing penalties occur.

How to safely enable AI agents without incurring financial penalties

Connecting AI agents directly to legacy systems without a secure sandbox environment is one of the biggest risks for licensing costs in core systems to spiral out of control. For this reason, within the abstraction architecture, each AI agent should be assigned a unique Machine Identity with mTLS authentication.

This digital identity acts as a passport that precisely defines which cost tier the agent is allowed to access.

In addition, by applying a Zero Trust security model, the system uses policies such as ABAC or PBAC to ensure that AI performs only the minimum required actions:

  • Query data from the external replica (CDC).
  • Limit write operations to strict, controlled daily quotas.

The Strangler Fig pattern also makes it possible to expose and connect SAP functions to AI models gradually, preventing the core from being exposed without protection.

You may also be interested in: AI Gateway: Smart management between applications, models, and AI APIs

Hybrid governance: a management methodology for partner rotation

Hybrid governance recognizes that the technical tools mentioned above—ACL, CDC, cache, and throttling—are ineffective during SAP audits or AI traffic spikes if the knowledge resides exclusively with an external provider.

To ensure architectural ownership remains within the organization during integration partner rotation, we recommend the mandatory implementation of three auditable artifacts at steering committee level:

  1. Portable API Contracts: Standard OpenAPI specifications with semantic versioning independent of the provider’s technology stack. If the provider changes, the connection rules are not lost.
  2. Real-Time Quota Dashboard: A monitoring system orchestrated through open-source tools such as Keycloak for machine identity and APISIX or Gravitee as the API Gateway, measuring licensing consumption against the contractual limit independently.
  3. RACI Authorization Matrix for AI: A corporate responsibility map that links each AI digital identity to its permitted access tier and daily quota.

Comparison: Governance-Based Abstraction Layer vs. Traditional Approach

Below is a comparative table summarizing some of the most important aspects of this abstraction layer for cost con

Dimension Traditional approach Preventive abstraction with governance
Cost control timing Post-SAP audit Design-time, before deployment
Digital Access license management Negotiation after penalty Structural Throttling by License Tier
Portability during partner rotation Vendor lock-in within the integration stack API contracts independent of the stack
AI agent exposure No sandbox or rate limiting by tier Machine Identities + ABAC/PBAC + sandbox
Breaking change traceability Absent or manual Semantic versioning enforceable at steering committee level
Reduction of billable transactions 0% without an abstraction layer 40–60% through cache + Request Collapsing

 FAQ 

What Is the Difference Between an API Wrapper and an API Gateway for Legacy Systems?

An API wrapper encapsulates SAP or AS/400-specific logic and translates proprietary interfaces such as BAPI and SOAP into modern REST APIs. An API Gateway, on the other hand, provides vendor-agnostic traffic routing.

Both components are essential:

  • The API wrapper functions as an Anti-Corruption Layer (ACL), abstracting the complexity of legacy systems.
  • The API Gateway is responsible for Throttling by License Tier, traffic management, and observability of billable transactions.

How Can You Prevent AI Agents from Multiplying Calls to a Legacy SAP System?

Implement Throttling by License Tier combined with rate limiting based on Machine Identity secured through mTLS.

Recommended best practices include:

  • Serving read operations from a CDC-powered cache.
  • Restricting write operations through ABAC authorization policies and daily quotas.
  • Continuously monitoring the footprint of billable transactions in real time.
  • Reviewing usage thresholds before each SAP billing cycle to avoid unexpected licensing costs.

Do I Need to Modify My Legacy System’s Code to Implement an API Wrapper?

No.

A non-intrusive abstraction layer operates without modifying the legacy core.

Change Data Capture (CDC) captures events asynchronously, allowing data to be synchronized externally without impacting the production system.

For IBM AS/400, technologies such as IBM z/OS Connect 3.0 can expose CICS services as REST APIs without requiring any changes to existing COBOL applications.

As a result, the legacy platform continues operating exactly as before while the wrapper acts as an external integration layer.

How Much Can an Abstraction Layer Reduce SAP Digital Access Licensing Costs?

Implementing Request Collapsing together with the Cache-Aside pattern can reduce the number of billable transactions by 40–60%.

Without an abstraction layer, AI agents can increase Digital Access Licensing (DAL) costs by 300–500% due to excessive direct interactions with the SAP core.

With a properly governed abstraction architecture, however, growing digital traffic typically results in less than a 20% increase in the organization’s licensing footprint.

How Can You Ensure Business Continuity If Your API Integration Partner Changes?

The recommended approach is hybrid governance, based on:

  • API contracts with semantic versioning that are independent of the integration provider’s technology stack.
  • Documented traceability for breaking changes.
  • Portable architectural patterns—including ACL, CDC, BFF, and Strangler Fig—that can be audited and maintained by any incoming technical team.

This ensures that architectural knowledge remains within the organization rather than with an external partner.

What Is the Latency Impact of Integrating an AI Model with a Legacy System Through an Abstraction Layer?

Approximately 99% of read requests are served directly from the cache, achieving response times of less than 50 ms, compared with 120–200 ms for direct access to SAP ECC.

Controlled write operations introduce an additional 10–20 ms of latency due to ABAC policy orchestration.

This trade-off is highly favorable in production environments, delivering a 40–60% reduction in billable transactions in exchange for only a marginal increase in latency.

If your team is ready to optimize SAP licensing costs in legacy environments, we can help.

By combining a well-designed API-first strategy with a customized abstraction layer tailored to your business requirements, you can significantly reduce licensing costs, protect your core systems, and safely enable AI-driven innovation.

Contact us today to discover how you can fully safeguard your enterprise infrastructure while modernizing your legacy environment.

Talk to our experts!

Contact our team and discover the cutting-edge technologies that will empower your business.

contact us

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.