Skip to main content

What is the S4Kit Platform?

The S4Kit Platform is the backend infrastructure that powers the SDK. It acts as a secure proxy between your application and SAP S/4HANA systems, handling:
  • Authentication: Manages SAP credentials securely
  • Authorization: Controls access with granular permissions
  • Rate Limiting: Protects SAP systems from overload
  • Request Logging: Provides audit trails and monitoring
  • Multi-tenancy: Isolates data per organization

Architecture

┌─────────────────────────────────────────────────────────────┐
│                       Your Application                       │
│                           (SDK)                              │
└─────────────────────────────────────────────────────────────┘

                              │ API Key

┌─────────────────────────────────────────────────────────────┐
│                      S4Kit Platform                          │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐  │
│  │   Admin     │  │   Proxy     │  │     Dashboard       │  │
│  │   API       │  │   Service   │  │     (Frontend)      │  │
│  └─────────────┘  └─────────────┘  └─────────────────────┘  │
│         │                │                    │              │
│         └────────────────┼────────────────────┘              │
│                          │                                   │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐  │
│  │  PostgreSQL │  │    Redis    │  │   Encrypted Store   │  │
│  │  (Data)     │  │  (Cache)    │  │   (Credentials)     │  │
│  └─────────────┘  └─────────────┘  └─────────────────────┘  │
└─────────────────────────────────────────────────────────────┘

                              │ SAP Auth (Basic/OAuth)

┌─────────────────────────────────────────────────────────────┐
│                    SAP S/4HANA Systems                       │
│  ┌─────────────┐  ┌─────────────┐  ┌─────────────────────┐  │
│  │   Sandbox   │  │     Dev     │  │    Production       │  │
│  └─────────────┘  └─────────────┘  └─────────────────────┘  │
└─────────────────────────────────────────────────────────────┘

Core Concepts

Organizations

Organizations are the top-level container for all your data. Each organization has:
  • Team members with roles (owner, admin, developer)
  • SAP systems and instances
  • API keys and permissions
  • Request logs

Systems

A System represents an SAP landscape (e.g., “Production ERP”, “S/4HANA Cloud”). Each system can have multiple instances.

Instances

Instances are specific environments within a system:
  • Sandbox - Testing with mock data
  • Development - Dev environment
  • Quality - QA testing
  • Pre-production - Staging
  • Production - Live system

Services

OData services exposed by SAP (e.g., API_BUSINESS_PARTNER, API_SALES_ORDER_SRV). The platform includes a catalog of 500+ predefined SAP APIs.

API Keys

Secure tokens that authenticate SDK requests. Each key has:
  • Configurable permissions per entity/operation
  • Rate limits (per-minute and per-day)
  • Access to specific instances

Request Flow

  1. SDK Request: Your app calls client.A_BusinessPartner.list()
  2. API Key Validation: Platform validates the API key
  3. Permission Check: Verifies the key can list BusinessPartner
  4. Rate Limit Check: Ensures limits aren’t exceeded
  5. Proxy Request: Platform authenticates to SAP and forwards request
  6. Response Processing: Strips OData metadata, handles errors
  7. Logging: Records the request for audit
  8. Return: SDK receives clean JSON response

Dashboard Features

The web dashboard at app.s4kit.com provides:

Systems

Register and manage SAP systems

Instances

Configure environment endpoints

Services

Browse and bind OData services

API Keys

Generate and manage API keys

Logs

View request history and errors

Team

Manage team members and roles

Security

Credential Storage

SAP credentials are encrypted using libsodium before storage. The encryption key is never stored with the encrypted data.

API Key Security

  • Keys are hashed before storage (only prefix and last 4 chars visible)
  • Keys can be revoked instantly
  • All requests are logged with key identifiers

Network Security

  • All traffic is encrypted with TLS 1.3
  • SAP connections use your configured auth method
  • No SAP credentials are ever exposed to the SDK

Getting Started

1

Create an Organization

Sign up at app.s4kit.com to create your organization
2

Register a System

Add your SAP system with connection details
3

Configure an Instance

Set up at least one instance (start with sandbox)
4

Bind Services

Select which OData services to expose
5

Generate API Key

Create an API key with appropriate permissions
6

Start Building

Use the SDK with your new API key