CData Connect AI
 
Platform / Identity & Access

AI that always uses the right identity

Deploy AI confidently with governed identities for humans, delegated agents, and autonomous workflows.

Get Started
Request a Demo
Connect AI uthentication model
Trusted by enterprise teams
GSK
Palantir
Anthropic
Office Depot
Google
Fit Check

Built for the identity infrastructure you already run.

Will this actually work in my environment? CData fits inside your existing identity stack instead of asking you to rebuild it.

AI Identity Framework

Built to handle human, delegated, or autonomous identities.

Just-in-Time Auth

Credentials checked at runtime, every interaction.

Identity Providers

Okta, Azure AD, Ping Identity.

Auth Schemes

OAuth, SAML, Kerberos, Basic Auth, SSO, RBAC.

User Management

SCIM 2.0 support for automated provisioning and deprovisioning.

The Problem

Most enterprise AI deployments rely on nascent or outdated identity models.

Shared credentials let AI see too much

Most MCP implementations authenticate once with a service account, so every user inherits whatever that account can access.

Agents need identities too

Most platforms force a choice between a broad service account or a broken workflow.

SSO becomes a POC blocker

When SSO doesn't work, evaluations stall. When it requires manual configuration, rollouts don't scale.

Agents output information they shouldn't

PII and sensitive data surface in query responses to unauthorized users.

How It Works

CData's passthrough identity model, in five steps.

Identity as a runtime primitive: evaluated at every interaction, enforced at every layer, logged against every request.

01

User makes a request through an AI agent: Claude, Copilot, LangChain, or any MCP-compatible platform.

02

CData identifies the requester as human, delegated, or autonomous, and routes to the right identity model.

03

That user's own credentials are passed through to the source system at query time.

04

Governance policies are evaluated on top of the resolved identity before the response is returned.

05

The interaction is executed within the combined permission boundary and logged against the requesting identity.

The right identity. The right data. A complete audit trail. Every time.

Key Capabilities

The identity capabilities AI teams need, built in.

01
Runtime Validation

Validate each identity's credentials at runtime.

Each identity's own credentials are validated against the source and layered controls at runtime, so AI access is dynamically bounded by the right permissions.

Validate each identity's credentials at runtime
02
Inherited Permissions

Stop configuring AI permissions from scratch.

Inherit the permission frameworks already governing your source systems on day one, with the option to layer additional controls as needed.

Stop configuring AI permissions from scratch
03
Identity Framework

Govern every identity: human, delegated, or autonomous.

An identity framework built to cover the spectrum of human-assisted to autonomous AI use cases, without forcing a different model for each.

Identity Framework
04
Auth Schemes

Support every authentication scheme needed.

Handle OAuth, SAML, Kerberos, Basic Auth, and dynamic client registration out of the box, or register as your own OAuth application so connections appear as your organization's own vetted app.

Support every authentication scheme needed
05
Lifecycle Management

Provision and deprovision AI access automatically.

SCIM 2.0 provisioning connects to Okta, Azure AD, and Ping Identity so users are provisioned and deprovisioned automatically as roles change, ready to scale from a small pilot to organization-wide rollout.

SCIM
06
PII Detection

Control how your AI handles sensitive information

Configurable warn, redact, or block policies enforced at the MCP/API tool-call boundary—inbound and outbound—with per-connection overrides and custom regex rules.

PII Detection
Validate each identity's credentials at runtime
Stop configuring AI permissions from scratch
Identity Framework
Support every authentication scheme needed
SCIM
PII Detection
Used by teams building for production
“For the first time, our AI agents use exactly the same permissions as the user running them. No shared service accounts, no permission creep.”
Head of Enterprise Architecture
global financial services firm
FAQ

Questions security teams ask first.

Deploy AI with identity controls your security team can approve

Talk to our team about your authentication model, provisioning requirements, and source-system access controls. Or explore how Identity & Access fits into the broader CData platform.

Get Started
Request a Demo