From my point of view, the connection between SAP ERP and PI should be already considered as being secure. Anyways it’s just using the technical user to connect to PI.
Of course you can perform an authority check on ERP side to make surr the user running the program etc. is allowed to call the proxy. But this needs only to be done if you call the proxy in dialog mode.