Building Agentic Enterprises on AWS with the AWS for SAP MCP Server on Amazon Bedrock AgentCore

The Opportunity

Organizations are increasingly looking to build AI agents that are enterprise ready — agents that can securely connect to tools and data sources across their technology landscape, reason over live business data, and take action autonomously. Customers across the globe are feeling this need firsthand. Several customers like Harman International, Fortescue and PLDT are looking to move beyond traditional automation and unlock intelligent decision-making across their enterprise. They are looking to connect AI agents to their SAP systems and other enterprise workflows to orchestrate exceptions in financial processes, drive intelligent automation in procurement workflows, optimize data management during technology upgrades, and streamline supply chain operations in real time. However, building such agents requires tight coupling between the agent and the systems it interacts with, making it difficult to develop, deploy, and update them independently.

A robust and scalable AI agent ecosystem relies on standardized communication protocols that enable seamless interoperability between agents and the tools they use. At AWS, we believe the path to truly enterprise-ready AI agents lies in decoupling agents from their tools. We have adopted two open standards to make this possible. The Model Context Protocol (MCP), open sourced by Anthropic in 2024, standardizes how AI agents connect to external tools and data sources, enabling any MCP client to discover and act on any MCP server. The Agent-to-Agent protocol (A2A), introduced by Google in April 2025, complements MCP by enabling autonomous collaboration between independent AI agents across different frameworks, vendors, and organizational boundaries. Together they create a decoupled architecture where agents and tools can be developed, deployed, and updated independently.

Earlier this month, we announced the general availability of the AWS for SAP MCP Server on Amazon Bedrock AgentCore, purpose-built to bring this decoupled agentic architecture to your SAP landscape. Built on Open Data Protocol (OData), which SAP uses to standardize their APIs across finance, procurement, logistics, and more, the AWS for SAP MCP Server enables MCP clients and Agents to connect to SAP business data and processes. AWS for SAP MCP Server along with Amazon Bedrock AgentCore enables AI agents to understand your SAP data and business processes, reason over them, and act on them in real time, with complete visibility, enterprise-grade security, and the scalability to grow with your enterprise needs. The AWS for SAP MCP Server also features in the recent AWS blog covering SAP Sapphire 2026 announcements.

What is the AWS for SAP MCP Server ?

The AWS for SAP MCP Server turns SAP ERP business data and processes into first-class MCP tools. Whether you are building agents with Amazon Quick, Strands SDK, SAP Joule Studio, or orchestrating multi-agent workflows using A2A, the AWS for SAP MCP Server enables your agents to discover and act on live SAP data right out of the box. AWS ships this MCP server as a container image at no cost and can be deployed on Amazon Bedrock AgentCore Runtime, a fully managed service for hosting MCP servers at scale. Amazon Bedrock AgentCore Runtime takes care of session isolation, private connectivity to your SAP resources, and secure inbound and outbound authorization through Amazon Bedrock AgentCore Identity, so you can focus on building agents rather than managing infrastructure.

Now that we have seen what the AWS for SAP MCP Server is and how it fits together, let us dive deeper into the key capabilities that make it enterprise ready.

Figure 1: AWS for SAP MCP Server Architecture on Amazon Bedrock AgentCore with SAP ERP Connectivity via SAP BTP

The Foundation: Key Capabilities

Built on Standards: The OData Advantage: SAP has standardized on OData as the API protocol of choice across its entire product portfolio including SAP ERP applications (SAP S/4HANA and SAP ECC), and has documented and published hundreds of OData services spanning every aspect of the business from finance and procurement to logistics and human capital management. You can also build and publish your own custom OData APIs using SAP Gateway, the framework SAP provides to build and expose OData services, to support clean core extensions such as agentic workflows outside the core or custom integrations keeping your system upgrade-safe while still enabling intelligent automation. These APIs live within your SAP ERP system and become accessible within your landscape or network once activated. The AWS for SAP MCP Server is built on this foundation. It exposes MCP tools that allow AI agents to first discover the SAP OData catalog and inspect service metadata to understand what business data and processes are available, and then take action on SAP business objects such as creating a sales order, updating a purchase order, or reading finance documents. The current release supports OData V2, making it compatible with SAP ERP applications.

Discovering What’s Available: Dynamic Service Catalog and hints: One of the most powerful capabilities of the AWS for SAP MCP Server is the catalog discovery MCP tool it provides to agents, allowing them to discover what SAP OData services are available in your landscape at runtime. The AWS for SAP MCP Server supports two catalog discovery modes to give you flexibility in how agents discover available SAP OData services:

• Remote Catalog — the MCP server connects directly to the OData catalog service exposed by your SAP ERP system, giving agents a live, real-time view of the activated OData services. Choose this if you want your agents to always have the most up-to-date view of what services are available in your SAP system, as and when new services are activate
• Local Catalog — you bring your own catalog configuration file stored in Amazon S3, giving you full control over which SAP OData services are exposed to your agents. Choose this when your SAP APIs are exposed through an API management layer (e.g. API Management in SAP BTP) where a native SAP OData catalog is not available

Beyond discovery, the MCP server provides Service hints capability that gives AI agents deeper contextual guidance for specific SAP OData services. While OData metadata describes the entities, fields, and relationships available in a service, service hints go further by providing agents with known issues, recommended workarounds, and service-specific guidance that help agents correctly interpret and act on SAP data . Hints are stored as a JSON configuration file in Amazon S3. You can define hints globally across available SAP OData services or target specific services by pattern. The MCP server provides tools for agents to request service hints on demand, returning the contextual guidance agents need to make accurate and efficient SAP OData calls.

Network Architecture Built for Enterprise Security: Connecting your AI workloads and agents to SAP securely is a critical requirement for enterprise deployments. The AWS for SAP MCP Server can be deployed on Amazon Bedrock AgentCore Runtime within your own VPC, which means the MCP tool calls stay within your private network boundary. When an MCP client makes a tool call to the MCP server, the MCP server running inside your VPC connects to your SAP system to execute the request. The AWS for SAP MCP Server supports a variety of connectivity options, based on where your SAP ERP system is hosted and how your SAP APIs are enabled. Here is how each deployment topology is supported:

• SAP BTP API Management — We recommend enabling your SAP OData APIs through the SAP BTP API management layer. The AWS for SAP MCP Server can connect to those APIs securely over HTTPS with OAuth 2.0 authentication. Note that traffic in this case egresses to the internet and is secured at the transport layer using TLS encryption.
• SAP cloud ERP private (formerly RISE with SAP) on AWS — The AWS for SAP MCP Server deployed in Amazon Bedrock AgentCore, within your VPC connects to the SAP managed VPC using VPC Peering for simple direct connectivity or AWS Transit Gateway for more complex setups across multiple VPCs or AWS accounts. Traffic between your VPC and the SAP managed VPC stays within the AWS backbone network.
• SAP ERP on AWS — If your SAP system runs in your own AWS account, the AWS for SAP MCP server can be deployed in Amazon Bedrock AgentCore, within the same VPC or connected across VPCs in the same account, making connectivity straightforward. All traffic stays within the AWS network.

Securing Every Connection: Identity and Authentication: The AWS for SAP MCP Server uses AgentCore Identity to manage authentication across two critical flows: inbound (MCP clients to MCP Server) and outbound (MCP Server to SAP). This dual-layer approach maintains separate trust boundaries for each flow, ensuring that authentication and authorization decisions are independently validated at each boundary. This architectural separation creates a sound authentication posture where client access and SAP system access are governed by distinct, auditable policies. Organizations can authenticate using industry-standard protocols – OAuth 2.0, OIDC, or SAML and choose their preferred identity provider. For inbound authentication, you can use AWS Identity and Access Management (IAM), Amazon Cognito, or enterprise providers like Microsoft Entra ID or Okta. For outbound authentication to SAP, you can connect directly to SAP or route through your enterprise directory. This flexibility means you architect authentication flows that align with your existing identity infrastructure—no rip-and-replace required.

Comprehensive Observability on AI Agent actions: Running AI agents in production against live SAP systems demands the same level of observability that enterprises expect from mission-critical applications. The AWS for SAP MCP Server is instrumented with comprehensive telemetry through AgentCore Observability. When you deploy the AWS for SAP MCP Server on Amazon Bedrock AgentCore Runtime, AgentCore automatically creates a Amazon CloudWatch log group for the MCP server and captures logs for every MCP tool call made to the server, giving you full visibility into what your agents are reading, creating, updating, or deleting in your SAP system. The AWS for SAP MCP Server supports configurable log levels, so you can control the verbosity of what gets logged based on your environment and needs. Use INFO to capture a summary of every MCP tool call, DEBUG to get detailed request and response payloads including the OData calls made to SAP, and ERROR to capture failures such as authentication errors, authorization issues, or OData-specific errors returned by SAP.

Now that we have covered the core capabilities of the AWS for SAP MCP Server, let us look at how it fits into the broader agentic landscape alongside the Agent-to-Agent protocol.

How does MCP complement A2A in a Multi Agent Eco-System?

As enterprises build more sophisticated agentic AI systems, multiple agents need to work together to get things done. Open Source protocols have been key in enabling innovation, and the agentic era is no different. MCP, open sourced by Anthropic in 2024, gives agents the ability to connect to tools and data like SAP. A2A goes a step further by letting agents talk to other agents regardless of the framework or platform they are built on. Together, MCP and A2A form two complementary layers of an agentic architecture:

• MCP is the protocol that connects agents to tools and data, such as your SAP OData services, democratizing business processes and data to your agents
• A2A is the protocol that enables agents built on different frameworks, by different vendors, or across organizational boundaries to communicate and collaborate with each other.

The AWS for SAP MCP Server fits naturally into both worlds, giving your agents the tools to discover and act on live SAP data whether they are operating standalone or as part of a larger multi-agent system.

Deploy in Minutes: CloudFormation-Powered Automation

The AWS for SAP MCP server can be deployed using an AWS CloudFormation template that automates the entire provisioning process in minutes. The template handles creation of resources that are required to deploy the AWS for SAP MCP Server in Bedrock AgentCore Runtime including identity setup, creation of IAM roles and required configuration for discovering available APIs in your SAP system and publish them as first class MCP tools.

Real-World Impact: Customers Leading the Agentic Enterprise

The most compelling proof of any technology is not just what it promises, but also what customers build with it. Early adopters of the AWS for SAP MCP Server are already demonstrating the transformative potential of combining SAP’s business process depth with AWS’s AI capabilities.

• Fortescue: Enterprise-Scale AI Integration with S/4HANA – “Fortescue is excited for the general availability of AWS SAP MCP as an important step in enabling enterprise-scale AI integration with SAP systems. The capability supports our approach to exposing SAP functionality through a secure, structured and reusable tool layer, helping accelerate delivery of AI use cases while maintaining strong governance and control. For Fortescue, this is particularly relevant for S/4HANA-adjacent and cross-system AI applications, where scalability, security, and supportability are critical. We value the collaboration with AWS and the role this capability can play in advancing practical, production-oriented AI integration across the enterprise”
• PLDT: Transforming Procure-to-Pay with Agentic AI – “At PLDT, we are embarking on a journey to transform our Procure-to-Pay operations through agentic workflows powered by the AWS for SAP MCP Server. We are reducing manual work and accelerating cycle times today, while laying the foundation for intelligent, self-learning agentic systems across the enterprise.”- Gilbert Gaw, First Vice President & Head of IT and the Transformation Office (PLDT & SMART), SMART Communications
• Harman International: Modernizing Test Management with Agentic AI – “Our strategic partnership with AWS continues to provide us opportunities to assess new possibilities in the realm of Agentic AI. We are currently working with AWS for SAP MCP Server to evolve our test management strategy and its potential role in supporting our modernization initiatives” – Varada Reddy, Director of SAP Platform

Get Started

The AWS for SAP MCP Server on Amazon Bedrock AgentCore Runtime gives your AI agents the tools to onboard to your SAP data and processes in a secure, scalable, and enterprise-ready way, whether you are automating procurement workflows, accelerating order-to-cash cycles, managing finance exceptions, or building multi-agent systems that span SAP and non-SAP systems. AgentCore Runtime takes care of service discovery, secure connectivity, inbound and outbound authorization, and full observability, so you can focus on building agents that deliver real business value.” The era of enterprise-ready AI agents is here. Start building today. To get started, visit the AWS for SAP MCP Server page. To learn why AWS is the platform of choice and innovation for thousands of SAP customers, visit the AWS for SAP page.

About the Authors