Server data from the Official MCP Registry
Develop, test, analyze, and operate SAP ABAP systems through ADT from AI coding agents.
Develop, test, analyze, and operate SAP ABAP systems through ADT from AI coding agents.
Valid MCP server (2 strong, 3 medium validity signals). No known CVEs in dependencies. Package registry verified. Imported from the Official MCP Registry.
4 files analyzed · 1 issue found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Add this to your MCP configuration file:
{
"mcpServers": {
"io-github-coaspe-sap-abap-mcp": {
"args": [
"-y",
"@coaspe/sap-abap-mcp"
],
"command": "npx"
}
}
}From the project's GitHub README.
A local Model Context Protocol server that lets Codex and Claude work with SAP ABAP through the official ABAP Development Tools (ADT) HTTP services.
It can inspect and edit ABAP source, run quality checks, manage transports, use abapGit and the RAP generator, inspect runtime data, compare systems, and perform repository refactorings without VS Code, SAP GUI, or an ABAP FS virtual workspace.
@coaspe/sap-abap-mcp0.4.4latest (resolved automatically when the MCP process starts)abap-adt-api 8.4.13041418d35558e043993a4d7f9fa6b727fcf9cf1The automated suite validates the MCP contract, ADT argument ordering, safety policies, stale-preview protection, output bounds, and all 52 registered tools with an in-memory SAP implementation. Live SAP acceptance testing is still required because endpoint availability and authorization vary by SAP release and system configuration.
The pinned ABAP FS 2.6.5 source exposes 43 MCP tools. This server provides a strict-compatible subset of 42; the omitted tool is manage_subagents, which depends on the VS Code agent host. With 10 headless extensions, this server advertises 52 tools in total.
The first development-parity slice implements BDEF source creation, one-request batch activation, class-runner execution, the ABAP FS REPL contract, and detailed semantic inspection. These SAP-dependent capabilities remain unverified until they succeed against the selected live connection; call get_sap_capabilities for per-connection evidence.
Snippet execution requires ZCL_ABAP_REPL and an active SICF service at /sap/bc/z_abap_repl. Generic report/program-console execution is not implemented.
The server provides all 42 strict-compatible headless tools from the pinned ABAP FS baseline and adds ten grouped extension tools.
| Area | Capabilities |
|---|---|
| Connections | Multiple SAP profiles, lazy login, system metadata, ADT discovery export |
| Repository reads | Search, metadata, source ranges, batch reads, URI reads, source search, enhancements |
| Semantic services | Completion details, definition lookup, documentation, type hierarchy, components, quick-fix discovery, SAP formatter preview |
| Source writes | Exact source replacement, BDEF source creation, syntax diagnostics, single- and one-request batch activation, text elements |
| Refactoring | Rename, package move, extract method, quick-fix application, formatting, deletion |
| Quality | ABAP Unit, ATC, diagnostics, test-include creation |
| Transports | List, details, objects, compare, create, release, delete, owner/user management, object resolution |
| Versions | Active revision history, revision comparison, inactive source, guarded revision restore |
| abapGit | Repository list, remote information, create, pull, unlink, stage, push, check, branch switch |
| RAP | Availability, paged schema, defaults, validation, preview, generation, service binding details and publication |
| Runtime | Guarded class-runner and fixed-contract ABAP REPL execution, debugger, breakpoints, stack, variables, dumps, traces, heartbeat checks |
| Cross-system | Source comparison across configured SAP systems |
| Dependency analysis | Bounded where-used dependency graph |
| SAP GUI integration | Validated WebGUI transaction URL generation and optional local launch |
| Data | Read-only ADT SQL queries with bounded or file-based output |
| Artifacts | Mermaid validation/viewer and DOCX test documentation |
The ten grouped extension tools are:
inspect_abap_coderefactor_abap_codemanage_abapgitmanage_rap_generatormanage_abap_versionscompare_abap_systemsget_abap_dependency_graphrun_sap_transactionget_sap_capabilitiesrun_abap_applicationGrouping related actions keeps the tool-schema footprint lower than exposing every operation as a separate MCP tool.
The canonical registry identity is io.github.Coaspe/sap-abap-mcp, defined in server.json. Directory installs must run this package as a local stdio server; SAP profiles and credentials stay on the user's machine and are never hosted by a registry.
Before starting the MCP server from any directory or one-click installer, create and verify at least one local SAP profile using the commands in Quick start or llms-install.md. A generic registry launch runs @coaspe/sap-abap-mcp with the serve argument and exposes all locally configured profiles; every SAP-facing tool still requires an explicit connectionId.
Registry publication does not change the live-evidence boundary. SAP-dependent development-parity capabilities remain unverified until they succeed against the selected live connection.
SAP ABAP MCP runs locally and does not send SAP profiles, credentials, source code, or tool results to a publisher-operated service. It communicates only with destinations selected by the user, including the configured SAP system and the user's MCP host. See the complete PRIVACY.md and TERMS.md.
This repository is also a dual-compatible plugin marketplace. The plugin starts the same npm latest package as a local stdio process, so SAP profiles, credentials, and ADT traffic stay on the user's computer.
Claude Code:
/plugin marketplace add Coaspe/sap-abap-mcp
/plugin install sap-abap-mcp@coaspe-sap
/reload-plugins
Use /mcp to confirm that sap-abap is connected.
Codex:
codex plugin marketplace add Coaspe/sap-abap-mcp
Then install SAP ABAP MCP from the Coaspe SAP Developer Tools marketplace in the Codex app and start a new task. The plugin includes a sap-abap-setup skill that keeps passwords out of chat and guides profile creation, authentication, and live ADT verification.
Ask your SAP administrator for:
https://sap-dev.company.com/sap/bc/adt and Basic Auth are enabledYour machine needs:
Verify Node.js first:
node --version
Use your real values and keep production profiles read-only. Omitting --packages allows writes to all packages; add it only when you want to restrict writes to specific packages.
npx.cmd --yes --prefer-online @coaspe/sap-abap-mcp@latest profile add DEV100 `
--url "https://sap-dev.company.com" `
--client 100 `
--username "DEV_USER" `
--environment development `
--login
PowerShell also accepts the command on one line. The profile ID DEV100 is a local alias. When SAP password: appears, enter the password and press Enter; the input remains hidden. The profile and password are stored only after the MCP validates the credentials against SAP.
To restrict writes, add a comma-separated allowlist such as --packages "Z_MCP_TEST,Z_MCP_TEST2". An empty allowlist permits every package, while production profiles still reject writes.
The password is stored with Windows DPAPI and is never written to the profile file. For non-interactive environments, pipe the password and add --password-stdin after --login.
npx.cmd --yes --prefer-online @coaspe/sap-abap-mcp@latest doctor DEV100
A successful response contains "ok": true.
Codex CLI:
codex mcp add sap-abap -- npx.cmd --yes --prefer-online @coaspe/sap-abap-mcp@latest serve --profile DEV100
Claude Code:
claude mcp add --transport stdio --scope user sap-abap -- npx.cmd --yes --prefer-online @coaspe/sap-abap-mcp@latest serve --profile DEV100
Restart the client after registration. Use codex mcp list, claude mcp get sap-abap, or the client's /mcp command to verify the connection.
The registration deliberately uses the moving npm tag @latest together with --prefer-online. Whenever Codex or Claude starts a new MCP process, npm checks which published version latest points to and runs that version. For example, a user who originally ran 0.4.3 will automatically run 0.4.4 after 0.4.4 is promoted to latest and the client is restarted. An already-running MCP process is not replaced in place. Maintainers should promote only tested releases to latest.
List the configured SAP systems and verify DEV100.
Find class ZCL_DEMO in DEV100 and read its RUN method.
Run syntax diagnostics and show a formatter preview without changing the source.
Build a depth-1 dependency graph for ZCL_DEMO.
Use npx instead of npx.cmd:
npx --yes --prefer-online @coaspe/sap-abap-mcp@latest profile add DEV100 \
--url "https://sap-dev.company.com" \
--client 100 \
--username "DEV_USER" \
--environment development \
--login
npx --yes --prefer-online @coaspe/sap-abap-mcp@latest doctor DEV100
codex mcp add sap-abap -- npx --yes --prefer-online @coaspe/sap-abap-mcp@latest serve --profile DEV100
SAP passwords are stored in macOS Keychain.
If the codex command is not available, add a stdio MCP server in Codex settings:
sap-abapnpx.cmdnpx--yes
--prefer-online
@coaspe/sap-abap-mcp@latest
serve
--profile
DEV100
Create one profile per SAP client, for example DEV100, QAS200, and PRD100. To expose all profiles through one MCP server, register serve without --profile:
codex mcp add sap-abap -- npx.cmd --yes --prefer-online @coaspe/sap-abap-mcp@latest serve
Every SAP-facing tool requires an explicit connectionId, which prevents accidental cross-system routing. Cross-system comparison requires the same object to exist in both selected profiles.
Public repositories require no additional setup. Store credentials for each private repository URL separately:
npx.cmd --yes --prefer-online @coaspe/sap-abap-mcp@latest abapgit auth login DEV100 `
--repository-url "https://github.example.com/team/repo.git" `
--username "GIT_USER"
Status and removal:
npx.cmd --yes --prefer-online @coaspe/sap-abap-mcp@latest abapgit auth status DEV100 `
--repository-url "https://github.example.com/team/repo.git"
npx.cmd --yes --prefer-online @coaspe/sap-abap-mcp@latest abapgit auth logout DEV100 `
--repository-url "https://github.example.com/team/repo.git"
Credentials are selected by canonical repository URL so credentials for one remote cannot be sent to another. Passwords and tokens are not accepted as MCP tool arguments, and credentials embedded in a repository URL are rejected.
Repository-changing operations enforce these rules:
production reject writes.allowedPackages list restricts writes to those packages; an empty list allows all packages.$TMP require a transport request.stageAll=true.SELECT and WITH statements.Transport release and deletion can be irreversible. Use a dedicated transport and verify the exact confirmation value before executing either action.
The server is designed to keep model context usage bounded without removing useful data:
Continue paged responses with fields such as nextStartIndex, nextLine, nextRowStart, and nextContentOffset.
Hosts without automatic tool search can register only selected toolsets:
sap-abap-mcp serve --profile DEV100 --toolsets core,write,analysis
Available toolsets are core, write, analysis, debug, operations, artifacts, and all. The default is all.
Run acceptance tests first against a development system and dedicated packages, objects, transports, repositories, and RAP artifacts.
For BDEF creation, batch activation, class execution, the fixed ABAP REPL contract, and detailed semantic inspection, follow the evidence and cleanup procedure in docs/live-sap-acceptance.md. Until those checks succeed on a selected connection, the capabilities remain unverified.
Recommended order:
When reporting a failure, preserve the MCP error code, HTTP status, ADT endpoint, and SAP response text. Do not retry failed ADT operations with guessed parameter variants.
profile add <id> --url <url> --client <nnn> [--language EN]
[--environment development|quality|production]
[--username <user>] [--packages ZPKG1,ZPKG2]
[--login [--password-stdin]]
profile list
profile remove <id>
auth login <id> [--username <user>] [--password-stdin]
auth status <id>
auth logout <id>
abapgit auth login <id> --repository-url <url> --username <user> [--password-stdin]
abapgit auth status <id> --repository-url <url>
abapgit auth logout <id> --repository-url <url>
doctor <id> [--include-components]
serve [--profile <id>] [--toolsets core,write,analysis,debug,operations,artifacts|all]
Removing a profile also removes its SAP password and stored abapGit credential vault.
| Problem | Check |
|---|---|
node is not found | Install Node.js 20 or later and reopen the terminal. |
| npm cannot download the package | Check internet access, proxy configuration, and npm registry policy. |
PROFILE_NOT_FOUND | Run profile add again and verify the profile ID. |
| SAP login fails | Verify URL, client, username, password, VPN, Basic Auth, and ADT activation. |
| Certificate or connection error | Check the corporate CA, proxy, VPN, and SAP HTTPS endpoint. |
| Tools are missing | Confirm that the MCP command contains @latest and --prefer-online, restart it, and inspect /mcp. |
Writes return PACKAGE_NOT_ALLOWED | The profile has a non-empty --packages restriction; add the target package or remove the restriction. |
Writes return TRANSPORT_REQUIRED | Supply an open transport for non-local packages. |
| RAP generator is unavailable | The SAP release or installed components may not expose the RAP generator endpoints. |
| Private Git access fails | Store credentials for the exact canonical repository URL. |
SSO-only or MFA-only SAP systems are not supported by this release. Ask the SAP administrator whether Basic Auth can be enabled for the ADT endpoint.
npm install
npm run check
npm audit --omit=dev
npm pack --dry-run
Register the current local build for pre-release testing:
npm run build
codex mcp add sap-abap-local -- node "/absolute/path/to/sap-abap-mcp/dist/src/index.js" serve --profile DEV100
The compatibility and toolset manifest is maintained in src/compat/abap-fs-tools.ts. ADT wrapper contract tests are in test/sap-client-contract.test.ts, and end-to-end in-memory MCP tests are in test/integration.test.ts.
See docs/localhost-mcp-end-to-end.md for the multi-system Windows setup, lifecycle, security model, and operational checklist.
Be the first to review this server!
by Modelcontextprotocol · Developer Tools
Read, search, and manipulate Git repositories programmatically
by Toleno · Developer Tools
Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.
by mcp-marketplace · Developer Tools
Create, build, and publish Python MCP servers to PyPI — conversationally.