Organizations that require more sophisticated approval flows can configure external governance.
This setup allows subscription requests raised within Developer Hub to be reviewed, approved, or rejected through an external system (such as SAP Build Process Automation, any other custom workflow, or an custom application).

Before we dive into the implementation details, it is helpful to revisit the foundations covered in the earlier parts of this series.
In Part 1, we explored the importance of governance within Developer Hub and how administrators can configure built-in governance levels to balance openness with control.

Step 1: Enable External Governance in Developer Hub

1. Logon to Developer Hub.
2. Navigate to Admin Center > Manage Governance Settings, click on the Subscriptions tab, and choose Edit.
3. Now, select the option Manage Approval Outside Developer Hub and choose Save.

This redirects all future subscription requests to your external governance system for approval.

Note: Enabling this setting alone isn’t enough—several prerequisites must be completed for the setup to function correctly. Make sure you first complete all prerequisite steps and only then update the governance settings.

Step 2: Implement the Service Provider Interface (SPI)

The customer subaccount administrator must implement the Service Provider Interface (SPI), which handles the redirection of subscription requests to your external system.
This could be a workflow, backend service, or UI application that processes approvals.

SPI specifications, including interface details and parameters, are available on the SAP Business Accelerator Hub.

 Recommendation

Use SAP Integration Suite API Management for implementing the Service Provider Interface (SPI), and SAP Build Process Automation for designing your external approval workflow. For step-by- step instruction, see Part 3: Implementing External Governance Using SAP Integration Suite and SAP Build Process Automation (add blog link).

Step 3: Create a Destination in SAP BTP Cockpit

Once the SPI is in place, create a destination in your SAP BTP subaccount that points to the SPI endpoint.
This destination should include:

• The SPI service URL
• Authentication credentials (e.g., OAuth2, Basic Auth)

This setup ensures Developer Hub can securely send subscription requests to your external system.

1. In your web browser, log on to SAP BTP Cockpit and navigate to your source subaccount.
2. Choose the Connectivity > Destinations tab in the left-hand pane.
3. Choose Create and in the Create New Destination popup, select From Scratch to create a new destination manually.
4. In Destination Details section, fill in all the required details according to the descriptions provided in the table and choose Create.

Note: Use the credentials provided by the customer sub-account administrator. Supported authentication methods include OAuth 2.0, Client Certificate, and Basic authentication.

           You can also do a Check Connection to verify whether you've added the destination correctly.

Step 5: Update Developer Hub with Governance Decisions

After the external administrator approves or rejects a subscription request, that decision must be communicated back to Developer Hub.

The external governance system does this by calling the API Developer Hub - External Governance (CF) published on SAP Business Accelerator Hub, using credentials tied to the AuthGroup.External.Reviewer role collection.

Once the decision is received, Developer Hub updates the subscription status accordingly.

When Governance Takes Effect

Once all prerequisites are fulfilled and Manage Approval Outside Developer Hub is enabled:

• New subscription requests are automatically routed to the external approval system.
• Approvals and rejections are reflected in Developer Hub based on feedback from the external workflow.

⚠️Caution:
If prerequisites aren’t configured correctly, subscription requests will fail. Always verify your setup before enabling external governance.

How the External Subscription Process Works

1. Developer Submits a Subscription Request
• The developer subscribes to an API product from the Developer Hub catalog.
• The request is automatically sent to the external approval system.
2. External Administrator Reviews the Request
• The external admin (using a workflow, e.g., SAP Build Process Automation) reviews and approves or rejects the request.
• They can view API details in Developer Hub or via APIs on SAP Business Accelerator Hub.
3. Developer Receives the Decision

• If approved, the developer receives a confirmation email containing a link to the application with the subscribed product.

• If rejected, they receive a rejection email, and the pending subscription is deleted.
• Developers can monitor request status under My Workspace → Subscriptions → Pending Approval.

Configuration Requirements Summary

To ensure smooth external governance:

• Set the governance option to Manage Approval Outside Developer Hub
• Select the Allow Subscription option for the product.
•  Complete all the Service Provider Interface (SPI) and destination configurations
• Integrate the external system properly using the Developer Hub API

Note: ️ You cannot remove or modify products with pending or approved subscriptions.
To apply configuration updates, bring the product into draft mode, make changes, and republish it.

Conclusion

Developer Hub’s governance capabilities provide the flexibility and control modern enterprises need to manage their API ecosystems effectively.

Whether your organization prefers internal governance through SAP systems or external workflows via custom integrations, Developer Hub empowers administrators to tailor governance processes that align with their business policies—ensuring secure, compliant, and well-managed API access across your developer community.