SAP Integration Nest
Studio & Community
Sign InJoin

CPINestBridge — Privacy Policy

Last updated: June 18, 2026

CPINestBridge is a browser extension for SAP Cloud Integration (CPI / Integration Suite) developers. It runs locally in your browser, has no backend of its own, and sends no analytics or telemetry. It is not affiliated with or endorsed by SAP.

What it accesses

  • Your SAP tenant content, via your existing logged-in session (*.hana.ondemand.com): iFlow packages and contents (BPMN, scripts, mappings, schemas, parameters), runtime/deployed artifact metadata, message logs, and keystore / security-material / data-store / queue listings.
  • The active tab's URL of your open CPI tab — to identify which iFlow/package you are working on and run session-scoped requests.

Where data goes

  • Your SAP tenant (*.hana.ondemand.com) — always; this is the core function. Requests use your session and are allow-listed to your tenant host.
  • An AI provider you configure (Anthropic, OpenAI, Google Gemini, or Groq) — only when you invoke an AI feature. The prompt may include iFlow scripts, mappings, names, and error text; obvious secrets are best-effort redacted, and a one-time consent is required before the first AI call. Redaction is best-effort, not a guarantee — do not use AI features on content that must never leave your tenant.
  • SAP Integration Nest (this site) — only if you configure a pairing token and use a "Send to Nest" feature. The iFlow metadata/ZIP, tenant data, or tech-spec you choose to send is stored in your Nest workspace.

No data is sent to the extension author or any third party other than the destinations listed above.

What is stored (locally, in your browser)

  • Settings and convenience data in chrome.storage.local: your configuration, recent parsed iFlow, generated specs, screenshots, history, and a local action log.
  • Any credentials or API keys you enter are stored locally in your browser only. Prefer session mode (leave credentials blank). You can remove everything via Settings → Clear All Stored Secrets.

Permissions & why

  • storage — save settings/history locally.
  • activeTab, scripting, tabs — read the active CPI tab's URL and run session-scoped requests inside it.
  • Host access to your SAP tenant, the AI provider hosts, and the Nest site — used only for the features above.
  • <all_urls> (optional) — requested on demand only for the screenshot-capture feature; declined by default.

Your controls

  • Use session mode (no stored credentials).
  • Clear All Stored Secrets in Settings at any time.
  • Decline the AI consent prompt, or use the deterministic no-AI documentation mode, to avoid external AI calls entirely.

Contact

Questions or privacy concerns: sapintegrationnest@gmail.com