Own the runtime
ARC-1 is not a hosted black box. Run it where your SAP and AI security posture already belongs: local, Docker, or BTP.
ARC-1 - self-hosted SAP AI gateway
Governed SAP access for enterprise AI
Let teams use AI on SAP systems without turning every laptop into an ungoverned door into production. ARC-1 is a gateway you operate, with SAP identity, authorization, and audit still in control.
MCP is the open protocol for connecting AI assistants to enterprise systems. ARC-1 is the governed SAP implementation.
Self-hosted
Runs locally, in Docker, or on SAP BTP. No ARC-1 SaaS hop.
Read-only first
Writes, SQL, data preview, transports, and Git are explicit opt-ins.
SAP stays in charge
Existing SAP identity, authorization, and audit remain the control plane.
Inspectable OSS
Public TypeScript code, docs, npm package, Docker image, and CI.
Executive case
AI access to SAP without a new shadow integration layer.
ARC-1 gives AI assistants useful SAP context through a controlled gateway instead of unmanaged local scripts, copied credentials, and client-specific integrations. Start read-only, prove the model, then open higher-risk actions only where the operating model supports them.
Keep model choice open
Use Claude, Copilot, Joule, Cursor, VS Code, or future MCP clients without inventing a separate SAP access model for each.
Roll out by risk
Keep production read-only, allow sandbox writes selectively, and treat SQL, data preview, transport, and Git actions as separate approvals.
No license lock-in
Free and open source does not mean zero operating cost. It means no per-seat license and an inspectable control plane your team can run.
Why ARC-1
SAP AI needs governed context, not another prompt trick.
SAP development context lives in source objects, packages, transports, dumps, checks, dependencies, release state, and authorizations. ARC-1 gives assistants that context through a small set of intent-based tools with safety gates in front.
Standards-based
MCP is the client protocol; SAP ADT remains the system interface.
SAP-native security
Server ceiling, user permission, and SAP authorization all have to pass.
Enterprise deployment
BTP, XSUAA, Destination Service, Cloud Connector, and audit logging are first-class paths.
Public maintenance
Open TypeScript source, public docs, npm release, Docker image, and GitHub Actions.
What ARC-1 is good for
Use cases that matter beyond a developer demo
The first value is read access: current system state, source, metadata, checks, dependencies, dumps, and transport context. Write access can come later, in restricted systems and packages, after the organization is comfortable with the control model.
ABAP development assistance
Read source, search objects, edit methods, activate, run syntax checks, run ABAP Unit, inspect ATC, and keep the AI grounded in the actual SAP system.
Clean Core and modernization
Analyze custom code against release state and SAP guidance, identify direct table usage, build modernization backlogs, and guide SEGW-to-RAP moves.
Architecture and impact analysis
Turn change requests into technical risk views: dependencies, activation order, table impact, transport requirements, and affected objects.
Support and diagnostics
Connect weak tickets to ST22 dumps, source code, gateway messages, traces, package contents, and likely root causes before a developer opens the IDE.
Microsoft 365 and Joule agents
Reuse the same BTP-deployed ARC-1 endpoint from Copilot Studio, Teams, Microsoft 365 Copilot, and Joule Studio without creating a separate SAP access model.
GitHub workflow automation
Give PR checks and AI reviewers live SAP context for ABAP Unit, ATC, activated-source drift checks, and read-only code review.
Evidence, not theater
Real workflows ARC-1 was built around
These examples come from the ARC-1 blog series and demo repositories: impact analysis in Copilot Studio, Clean Core checks, RAP and Fiori elements modernization, and modern UI5 consumption of a generated RAP service.
Security architecture
One controlled SAP access layer. Three gates before action.
ARC-1 can run locally, in Docker, or as a BTP Cloud Foundry app. The enterprise pattern is central: one endpoint, one safety ceiling, one audit path, and SAP authorizations still deciding what the backend user may do.
Server ceiling
Admin-controlled flags define what this ARC-1 instance can ever do.
User permission
Scopes, role collections, OIDC claims, or API-key profiles restrict the user.
SAP authorization
SAP still enforces S_DEVELOP, package, transport, table, and system permissions.
Effective permission = server ceiling AND user permission AND SAP authorization
Quickstart
Quickstart first. npx is a smoke test.
SAP URL, client, auth, TLS, and client wiring vary by landscape. The docs cover the read-only first run, Claude install, local development, Docker, and BTP deployment.
npx arc-1@latest \
--url https://your-sap-host:44300 \
--user YOUR_USER \
--password YOUR_PASS \
--client 100ARC-MCP ecosystem
ARC-1 is the flagship. The org is becoming a SAP AI toolkit.
The GitHub organization contains the core server, adjacent runtime pieces, samples, and workflow demos. Labels make maturity explicit so the flagship product stays clearly separated from labs and proofs of concept.
Core product - Stable
arc-1
Enterprise-ready MCP server for SAP ABAP systems, with BTP deployment, safety gates, ADT tooling, and extensive tests.
Routing - Betamcp-hub
Deterministic multi-system MCP hub for SAP BTP: one login, per-environment routing to ARC-1 backends.
Sibling server - Betaarc-1-lsp
MCP server for SAP ABAP that delegates ADT work to SAP's embedded adt-ls language server.
SDK - Betaadt-ls
TypeScript SDK over SAP's headless adt-ls, designed as reusable infrastructure for ABAP tooling.
Extensions - Samplearc-1-extension-sample
Sample ARC-1 extension showing manifest tiers and live-verified extension patterns.
Eclipse - PoCarc1-adt-abap-mcp-ext
Eclipse plugin that wakes SAP's dormant ADT MCP server and contributes read-only ABAP tools.
CTS - PoCarc1-transport-review-poc
Proof of concept for SAP CTS transport review pull requests.
Modernization - Demoarc-1-segw-to-rap
SEGW to RAP and UI5 JavaScript to TypeScript/Fiori elements demo using MCP servers.
Automation - Demoarc-1-abap-cicd-review
End-to-end ABAP review workflow with GitHub Actions, abaplint, Copilot, Claude, and ARC-1.
Auth - Labxsuaa-auth
Authentication workbench for XSUAA-related SAP MCP deployment experiments.
Further reading
The product story is already written in public
ARC-1 grew out of a clear argument: AI in SAP succeeds when context, governance, identity, and workflow quality are treated as architecture. These posts are the best path through that argument.
Context first
How I Use AI for Development and Why Context Matters
The ABAP gap
ABAP and Agentic AI: The Hidden Problem in Real Projects
Product thesis
Introducing ARC-1: A Secure ADT MCP Server for Enterprise SAP Development
Enterprise deployment
ARC-1 on SAP BTP: Secure ABAP Agentic Development Beyond the Laptop
Business users
ARC-1 with Copilot Studio: SAP System Context Beyond Developers
SAP-native agents
ARC-1 with Joule Studio: Bringing Real ABAP System Context into Joule
Modernization
From SEGW and Legacy UI5 to RAP with ARC-1
GitHub workflows
ABAP Development Automation with ARC-1 and GitHub Workflows
Governance
A Clearer View of Your SAP Integrations Under the New API Policy
Free, open source, inspectable