SAP Integration with Mobile Application
SAP is not one system but an enterprise suite with dozens of products (SAP S/4HANA, SAP ECC, SAP SuccessFactors, SAP Ariba), each with its own API. The critical mistake is starting mobile app development without first auditing which specific SAP product the client runs and which APIs are actually exposed. "SAP integration" is not one task but a category of tasks with fundamentally different approaches.
SAP API: Three Generations
BAPI / RFC is the old ABAP standard. It is called via SAP JCo (Java Connector) or SAP NCo (.NET Connector). For mobile it is reachable only through middleware that translates RFC to HTTP; there is no direct RFC client for iOS or Android.
SAP Gateway / OData is the generation of SAP NetWeaver and ECC 6.0: a RESTful interface over OData v2 (OData v4 is available on newer Gateway releases). Data comes as Atom XML, or as JSON when the client asks for it ($format=json or Accept: application/json). OData v2 is an aging standard with numerous quirks: Edm.DateTime serialized as /Date(milliseconds)/ instead of ISO 8601, its own $filter syntax, and __deferred objects in place of navigation properties that were not expanded.
SAP Business Technology Platform (BTP) + CAP is the modern approach for S/4HANA Cloud and its extensions. CAP (Cloud Application Programming Model) publishes OData v4 services. Cleaner and more predictable, but not every client has it.
SAP Mobile Services
SAP provides its own middleware for mobile: SAP Mobile Services (formerly SAP Mobile Platform / Kapsel). Features: authentication, offline sync, push notifications, on-device data encryption. Integration goes through the SAP BTP SDK for iOS and the SAP BTP SDK for Android.
The SAP BTP SDK for Android is Kotlin, a wrapper over the SAP Mobile Services API:
    // Bootstraps the SDK against the Mobile Services application configuration;
    // the OData service is initialised only once the manager reports readiness.
    val serviceManager = ServiceManager(
        applicationContext,
        SAPServiceManager.configUrl,
        object : ServiceManager.ServiceManagerListener {
            override fun onServiceManagerReady() {
                // Ready to work
                initializeODataService()
            }
        }
    )
ODataRequestExecutor runs OData service requests with automatic CSRF token handling, retry on 401 and offline buffering. This solves most of the typical integration problems, but it ties you to the SAP ecosystem.
Authentication: SAML and OAuth
SAP S/4HANA Cloud uses OAuth 2.0 with SAP Identity Authentication Service (IAS) as the IdP. The mobile app runs the Authorization Code flow against IAS, receives a JWT and sends it as a Bearer token to the S/4HANA API. Because a native app cannot keep a client secret, use Authorization Code with PKCE (RFC 7636) and the system browser rather than an embedded WebView, as RFC 8252 recommends.
SAP ECC on NetWeaver is often SAML 2.0 or basic auth. SAML on mobile means a WebView with redirect interception and extraction of the resulting session cookie. This is fragile: any IdP configuration change on the SAP side breaks mobile authorization, and basic auth means the app holds a password that grants full SAP access.
Recommendation: put an OAuth 2.0 proxy in front, either on SAP BTP or Keycloak with a SAML-to-SAP bridge. The mobile client then speaks standard OAuth, and the SAML complexity stays in the middleware.
CSRF Token — Typical Pain Point
SAP OData requires a CSRF token for all modifying requests (POST, PUT, PATCH/MERGE, DELETE). The scheme:
1. The client sends GET /odata/sap/.../$metadata (any GET on the service works) with the header X-CSRF-Token: Fetch.
2. SAP returns the token in the response header X-CSRF-Token: {token_value}, together with the session cookie the token is bound to.
3. All subsequent POST/PUT/PATCH/DELETE requests include X-CSRF-Token: {token_value} and the same session cookie.
The token is valid for the duration of the session; without the session cookie the token is useless, and every Fetch without it opens a new session. On session break (timeout, re-authentication) a new token is needed: SAP answers the modifying request with 403, the header X-CSRF-Token: Required and the body "CSRF token validation failed". An HTTP client wrapper that fetches a fresh CSRF token on that 403 and retries the request is the standard pattern.
In Retrofit this is an OkHttp Interceptor: it intercepts the 403 response, fetches a CSRF token, adds the header and retries the original request.
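Such an interceptor, as an added example (not code from the original page or from SAP's SDK). It assumes OkHttp 4, a hypothetical service root https://sap.example.com/sap/opu/odata/sap/ZSHOP_SRV/, and that the OkHttpClient is built with the cookie jar shown here, because SAP binds the CSRF token to the session cookie:

```kotlin
// Added example, not from the original page or SAP's SDK. Assumes OkHttp 4;
// the service root URL used in buildSapClient's comment is hypothetical.
import okhttp3.Cookie
import okhttp3.CookieJar
import okhttp3.HttpUrl
import okhttp3.Interceptor
import okhttp3.OkHttpClient
import okhttp3.Request
import okhttp3.Response
import java.util.concurrent.atomic.AtomicReference

/**
 * In-memory cookie jar. SAP Gateway binds the CSRF token to the session cookie
 * (SAP_SESSIONID_<SID>_<client>); without it every Fetch opens a new session and
 * the token it returned is rejected on the next modifying call.
 */
class SessionCookieJar : CookieJar {
    private val store = HashMap<String, List<Cookie>>()

    @Synchronized
    override fun saveFromResponse(url: HttpUrl, cookies: List<Cookie>) {
        // A newer cookie with the same name replaces the older one.
        store[url.host] = (store[url.host].orEmpty() + cookies)
            .associateBy { it.name }.values.toList()
    }

    @Synchronized
    override fun loadForRequest(url: HttpUrl): List<Cookie> = store[url.host].orEmpty()
}

/**
 * Application interceptor: attaches the cached X-CSRF-Token to modifying requests,
 * fetches one lazily, and re-fetches exactly once when SAP answers 403 with
 * "X-CSRF-Token: Required" (token or session expired). Read-only requests pass through.
 */
class SapCsrfInterceptor(private val serviceRoot: String) : Interceptor {
    private val token = AtomicReference<String?>(null)
    private val modifyingMethods = setOf("POST", "PUT", "PATCH", "MERGE", "DELETE")

    override fun intercept(chain: Interceptor.Chain): Response {
        val original = chain.request()
        if (original.method !in modifyingMethods) return chain.proceed(original)

        if (token.get() == null) fetchToken(chain)
        var response = chain.proceed(withToken(original))

        if (response.code == 403 &&
            response.header("X-CSRF-Token").equals("Required", ignoreCase = true)
        ) {
            response.close()            // release the body before re-sending
            fetchToken(chain)
            response = chain.proceed(withToken(original))
        }
        return response
    }

    private fun withToken(request: Request): Request =
        request.newBuilder()
            .header("X-CSRF-Token", token.get() ?: "")
            .build()

    /** GET $metadata with X-CSRF-Token: Fetch; the session cookie it sets lands in the jar. */
    private fun fetchToken(chain: Interceptor.Chain) {
        val fetch = Request.Builder()
            .url(serviceRoot + "\$metadata")
            .header("X-CSRF-Token", "Fetch")
            .get()
            .build()
        chain.proceed(fetch).use { r ->
            token.set(r.header("X-CSRF-Token")?.takeIf { r.isSuccessful })
        }
    }
}

/** Wire both into the OkHttpClient that Retrofit is built on. */
fun buildSapClient(serviceRoot: String): OkHttpClient =
    OkHttpClient.Builder()
        .cookieJar(SessionCookieJar())
        .addInterceptor(SapCsrfInterceptor(serviceRoot))
        .build()

// val client = buildSapClient("https://sap.example.com/sap/opu/odata/sap/ZSHOP_SRV/")
// Retrofit.Builder().baseUrl(serviceRoot).client(client).build()
```

The token is session-bound, so it is kept in memory only and never persisted; if your app must hold the token across restarts, persist the session cookie with it, otherwise the token is rejected. Fetching against the service document instead of $metadata avoids downloading the whole metadata just to obtain a token.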
Offline and SAP OData
Offline support comes from the Offline OData store in the SAP BTP SDK: a local on-device store of OData entities with bidirectional sync. The user works with the local copy, and when the network is available the SDK syncs with SAP.
Conflict handling in SAP offline uses ETags. When the client reads a record SAP returns its ETag; on update the client sends If-Match: {etag}. If the record changed server-side in the meantime, SAP returns 412 Precondition Failed. The SDK exposes a conflict-resolution callback. Do not "fix" 412s by sending If-Match: *, which silently overwrites the other user's change.
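The same ETag protocol implemented by hand for an online client, as an added example (not code from the original page or from SAP's SDK). It assumes OkHttp 4 and org.json (bundled on Android); the entity URL and field names in the usage comment are hypothetical:

```kotlin
// Added example, not from the original page or SAP's SDK. Assumes OkHttp 4 and org.json;
// the entity URL and field names in the usage comment are hypothetical.
import okhttp3.MediaType.Companion.toMediaType
import okhttp3.OkHttpClient
import okhttp3.Request
import okhttp3.RequestBody.Companion.toRequestBody
import org.json.JSONObject

private val JSON = "application/json".toMediaType()

/** What the client read: the entity plus the ETag that must accompany any update of it. */
data class Snapshot(val etag: String, val entity: JSONObject)

sealed class UpdateResult {
    /** SAP accepted the change; keep the new ETag for the next update. */
    data class Updated(val newEtag: String?) : UpdateResult()
    /** 412: the record changed since our snapshot; this is the server's current state. */
    data class Conflict(val current: Snapshot) : UpdateResult()
    data class Failed(val code: Int, val body: String) : UpdateResult()
}

fun read(client: OkHttpClient, entityUrl: String): Snapshot {
    val req = Request.Builder().url(entityUrl).header("Accept", "application/json").build()
    client.newCall(req).execute().use { r ->
        check(r.isSuccessful) { "GET $entityUrl failed: HTTP ${r.code}" }
        val entity = JSONObject(r.body!!.string()).getJSONObject("d")
        // Gateway sends the ETag as a header; OData v2 JSON also carries it in __metadata.etag.
        val etag = r.header("ETag")
            ?: entity.optJSONObject("__metadata")?.optString("etag", null)
            ?: error("entity has no ETag: optimistic locking is not enabled on this service")
        return Snapshot(etag, entity)
    }
}

/** PATCH with If-Match. Never send If-Match: * here; that silently overwrites the other user's change. */
fun update(client: OkHttpClient, entityUrl: String, snapshot: Snapshot, patch: JSONObject): UpdateResult {
    val req = Request.Builder()
        .url(entityUrl)
        .header("If-Match", snapshot.etag)
        .header("Accept", "application/json")
        .patch(patch.toString().toRequestBody(JSON))
        .build()
    client.newCall(req).execute().use { r ->
        return when {
            r.code in 200..299 -> UpdateResult.Updated(r.header("ETag"))
            r.code == 412 -> UpdateResult.Conflict(read(client, entityUrl))
            else -> UpdateResult.Failed(r.code, r.body?.string().orEmpty())
        }
    }
}

/**
 * Field-level merge policy: re-apply our patch only if the server did not touch
 * any of the fields we are changing; otherwise return null so the user decides.
 * (Compares JSON primitives with equals(); good enough for strings and booleans.)
 */
fun fieldLevelMerge(patch: JSONObject, base: JSONObject, server: JSONObject): JSONObject? {
    for (field in patch.keys()) {
        if (server.opt(field) != base.opt(field)) return null
    }
    return patch
}

/** Retry loop: on 412, ask the merge policy for a new patch against the server's version. */
fun updateWithResolution(
    client: OkHttpClient,
    entityUrl: String,
    snapshot: Snapshot,
    patch: JSONObject,
    merge: (patch: JSONObject, base: JSONObject, server: JSONObject) -> JSONObject? = ::fieldLevelMerge,
    maxAttempts: Int = 3,
): UpdateResult {
    var current = snapshot
    var toSend = patch
    repeat(maxAttempts) {
        val result = update(client, entityUrl, current, toSend)
        if (result !is UpdateResult.Conflict) return result
        toSend = merge(patch, snapshot.entity, result.current.entity) ?: return result
        current = result.current            // retry with the server's ETag
    }
    return UpdateResult.Failed(412, "still conflicting after $maxAttempts attempts")
}

// val snap = read(client, "https://sap.example.com/sap/opu/odata/sap/ZSHOP_SRV/Orders('4711')")
// updateWithResolution(client, url, snap, JSONObject().put("Note", "call customer"))
```

The merge policy is the security-relevant part: a policy that always returns the local patch degrades to last-writer-wins, which is exactly what the ETag check exists to prevent.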
Typical Complexities
OData v2 performance. $expand on navigation properties triggers a join on the ABAP side and can take 5-15 seconds on large data sets. Alternatives: parallel requests without $expand, or middleware that caches and aggregates.
Differences between S/4HANA and ECC. The API for the same object (e.g. a sales order) is completely different in S/4HANA OData (API_SALES_ORDER_SRV) and in an ECC Gateway service (a customer-built Z service such as ZSHOP_SRV, which differs from client to client). An abstraction layer in the middleware is mandatory if both must be supported.
Pagination in OData v2. Either $skip + $top, or server-driven paging where each response carries a __next link with $skiptoken. $skip with large values is slow on SAP ABAP: unless the data provider class pushes paging down to the database, the framework reads the full result set and discards rows on every page. Server-driven paging via skiptoken is preferable; the client must follow the __next URL as given rather than rebuilding it.
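The OData v2 quirks from this section and from the API overview above (/Date()/ values, __deferred navigation properties, __next paging) handled in one place, as an added example that is not code from the original page or from SAP's SDK. It assumes OkHttp 4 and org.json (bundled on Android); the sample response in demo() is constructed, and the entity and URL in it are hypothetical:

```kotlin
// Added example, not from the original page or SAP's SDK. Assumes OkHttp 4 and org.json;
// the sample JSON in demo() is constructed and its URL/entity names are hypothetical.
import okhttp3.HttpUrl.Companion.toHttpUrl
import okhttp3.OkHttpClient
import okhttp3.Request
import org.json.JSONObject
import java.time.Instant
import java.time.ZoneOffset
import java.time.format.DateTimeFormatter
import java.time.temporal.ChronoUnit

/**
 * OData v2 JSON serialises Edm.DateTime as "/Date(1704067200000)/" and Edm.DateTimeOffset as
 * "/Date(1704067200000+0060)/": the ticks are epoch milliseconds in UTC, the optional suffix
 * is a zone offset in minutes and does not change the instant.
 */
private val ODATA_V2_DATE = Regex("""^/Date\((-?\d+)(?:[+-]\d{1,4})?\)/$""")

fun parseODataV2Date(raw: String): Instant {
    val m = ODATA_V2_DATE.matchEntire(raw)
        ?: throw IllegalArgumentException("not an OData v2 date literal: $raw")
    return Instant.ofEpochMilli(m.groupValues[1].toLong())
}

/** URL literal for $filter, e.g. CreationDate ge datetime'2024-01-01T00:00:00'. Edm.DateTime has no zone; send UTC. */
fun odataV2DateLiteral(instant: Instant): String {
    val local = instant.truncatedTo(ChronoUnit.SECONDS).atOffset(ZoneOffset.UTC)
    return "datetime'" + DateTimeFormatter.ISO_LOCAL_DATE_TIME.format(local) + "'"
}

/** True when the navigation property was not $expand-ed and only a __deferred link came back. */
fun isDeferred(entity: JSONObject, navigationProperty: String): Boolean =
    entity.optJSONObject(navigationProperty)?.has("__deferred") == true

/**
 * Reads a whole collection by following the server's __next link (which carries $skiptoken)
 * instead of computing $skip values client-side. maxPages is a safety stop against a
 * server that keeps handing out links.
 */
fun fetchAll(client: OkHttpClient, collectionUrl: String, maxPages: Int = 500): List<JSONObject> {
    val out = mutableListOf<JSONObject>()
    var next: String? = collectionUrl
    var pages = 0
    while (pages++ < maxPages) {
        val url = next ?: break
        val req = Request.Builder().url(url).header("Accept", "application/json").build()
        val body = client.newCall(req).execute().use { r ->
            check(r.isSuccessful) { "GET $url failed: HTTP ${r.code}" }
            r.body!!.string()
        }
        val d = JSONObject(body).getJSONObject("d")
        val results = d.getJSONArray("results")
        for (i in 0 until results.length()) out += results.getJSONObject(i)
        // Follow the link verbatim, resolved against the original URL in case it is relative.
        next = d.optString("__next", null)?.let { collectionUrl.toHttpUrl().resolve(it)?.toString() }
    }
    return out
}

/** Offline check of the helpers against a constructed page (shape of a Gateway JSON response). */
fun demo(): Pair<Instant, Boolean> {
    val page = JSONObject(
        """{"d":{"results":[{"SalesOrder":"1","CreationDate":"/Date(1704067200000)/",
           "to_Item":{"__deferred":{"uri":"https://sap.example.com/sap/opu/odata/sap/API_SALES_ORDER_SRV/A_SalesOrder('1')/to_Item"}}}]}}"""
    )
    val first = page.getJSONObject("d").getJSONArray("results").getJSONObject(0)
    return parseODataV2Date(first.getString("CreationDate")) to isDeferred(first, "to_Item")
}
```

Treat a __deferred object as "not loaded" rather than "empty": code that maps it to an empty list silently drops data, and a second round trip (or an $expand on that property) is needed to get the items.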
Timeline
Audit of the client's SAP landscape and available APIs: 3-5 days. Integration prototype (reading data via OData, authentication): 1-2 weeks. Full integration with offline support, CSRF handling and conflict resolution: 2-4 months. Cost depends on the SAP version, the number of integrated objects and the offline requirements, and is calculated individually.