IT Teams and AI architects are rapidly moving from prototype to production. Bridging that gap, without hallucinations, governance failures, or runway token costs, comes down to three core tenets: data connectivity, context and control. Together, these make up what we call the AI Data Control Plane—the critical infrastructure layer orchestrating between data, models, agents, and people.
The June 2026 release for Connect AI addresses each of these three tenets in tandem. It expands the breadth of connectable sources, introduces the governance and identity infrastructure enterprises require, and delivers reliability and auditability upgrades for enterprise-scale AI deployments and cross-functional agentic workflows.
The June release: closing the gaps that block enterprise scale
As companies evolve from prototype to production, the gaps in their home-grown AI infrastructure have gotten painfully clear. The capabilities going live this month continue to expand our AI Data Control Plane functionality, opening new paths to productivity for IT architects, developers, and functional leaders.
On connectivity, 17 new sources, including GitLab, Gong, FreshBooks, BambooHR, Zoom, and Apollo, are now available in the Connect AI data source catalog, accessible through the same standardized relational interface and governed managed context protocol (MCP) layer as all existing connections.
On context, Connect AI Skills introduce a workflow guidance layer for Claude, ChatGPT, Gemini, and other LLM tools. Skills guide the LLM through the correct discovery sequence automatically, so query execution doesn’t depend on the agent knowing what steps to take. This reduces token overhead and improves query reliability from the first call.
On control, five capabilities close the governance gaps that most commonly block enterprise AI deployments at scale: Azure Key Vault integration for credential management, service accounts for non-human identities, role-based access control (RBAC), PII detection and token masking at the tool-call boundary, and a rebuilt centralized audit system. Gone are the days that security and governance were a check-the-box for deployment readiness; they’re now the difference maker between AI deployments that accelerate growth and those that crash operations.
Underneath all of it, an asynchronous, queue-based processing engine decouples query execution from agent runtime lifecycles—so tool calls complete in the background without blocking reasoning loops, risking orchestrator timeouts, or triggering mid-workflow failures.
Manage high-risk content and actions with PII detection and token masking
AI agents operating on enterprise data are bound to encounter sensitive information—credit card numbers, Social Security numbers, health record identifiers, etc. Connect AI’s personal identifiable information (PII) detection layer enforces configurable data governance policies at the point where sensitive data crosses integration boundaries — detecting and acting on PII in both directions before it reaches an AI model or is returned to a user.
Admins can now set account-wide policies by entity type, organized by regulation and geography, and choose to warn, redact, or block flagged inbound queries and outbound results. Per-connection overrides allow stricter policies for specific high-risk integrations. Custom regex-based rules extend detection beyond the built-in entity catalog for organization-specific patterns. Every enforcement event is audit-logged with entity type, direction, action, and connection context, without storing the matched values. The detection layer is native to the connectivity layer with no external gateway required.
Control and audit agents with service account support
Production agents need their own identity, not borrowed ones. Otherwise, it is near-impossible to audit which agent accessed which data source, with who’s credentials, and performed what actions. Connect AI service accounts give every automated process a dedicated, scoped, and revocable machine identity. Autonomous processes, scheduled pipelines, and production agents can now connect without requiring a human to initiate or maintain an OAuth session.
Security reviews that flagged non-human identity as a deployment blocker now have a concrete answer. AI agents can run scheduled workflows reliably without requiring users to maintain an active session or share credentials. A nightly reconciliation pipeline can run under its own service account, with access scoped only to the connections it needs, producing an audit trail that is entirely separate from any human user and straightforward to demonstrate to a compliance team.
Reinforce your governance layer with platform-level RBAC
Enterprise AI deployments need governance at every level: the data source, MCP platform, and LLM capabilities. Connect AI's role-based access control (RBAC) extends administrators precise control over who can access and perform what across all three.
Adding governance on top of Connect AI’s source-level permission inheritance, this release introduces four universal platform roles: Platform Administrator, Connection Administrator, User Administrator, and Query user. Admins can also create custom roles with permissions scoped to specific connections and workspaces, assignable in bulk. Permissions are additive across multiple role assignments to avoid conflicts and negative permissions.
Broader, deeper connectivity with 17 new data sources
Seventeen new sources, including GitLab, Gong, FreshBooks, BambooHR, Zoom, and Apollo amongst others, join the hundreds of semantic-rich connectors that make up Connect AI’s cross-system intelligence. By executing joins, filters, and aggregations at this intelligence layer, queries across sources continue to result in significantly greater accuracy, lower latency, and more efficient LLM token consumption than standard MCP Gateways and other architectures.
For IT teams, every new source inherits the authentication, permissions, and audit controls already in place with no additional governance overhead required to connect them. For business teams, that means bringing sales intelligence, HR records, billing data, and developer activity into AI workflows without stitching together separate exports or custom APIs.
Guide query workflows and token efficiency with Connect AI Skills
Connect AI Skills enable consistent query execution whether you're running ad-hoc data exploration or deploying LLMs in automated agent workflows. When LLMs skip steps, or when agents don't have the context to know what steps are required, query errors compound, token costs climb, and results falter.
Connect AI Skills are downloadable plugins, published on GitHub, that guide the LLM through the correct workflow from source discovery through query construction and error recovery. Once installed, they become active in every session. The cdata-base skill covers all connected systems and is production-ready now. Category skills for relational databases and warehouses, SaaS sources, and files are in active development. Skills are free for all Connect AI customers and available in the CData GitHub repository (CDataSoftware/connect-ai-skills).
Eliminate credential sprawl with Azure Key Vault integration
Connect AI's Azure Key Vault integration eliminates credential sprawl across your AI deployments. It resolves permission and credential challenges at the mechanism level by pulling credentials from your vault at runtime rather than storing them in the platform. Passwords and OAuth credentials stay in your own infrastructure, under your own access controls and rotation schedules, and Connect AI never becomes a secondary credential store to govern. When a password is rotated in the vault, Connect AI picks up the new credentials on the next query automatically. There’s no longer a need for connection edits, system downtime, or manual propagation across dozens of connections. Additional vault providers are planned beyond the initial Azure Key Vault support.
Audit everything with central logging
Control-plane events like user logins, permission changes, and connection configuration updates, are now captured in a full-text searchable audit index with no record cap, backed by immutable per-account Azure Blob Storage. The Audit Search API gives authorized callers programmatic access to the full archive, filterable by user, event type, date range, and keyword without a support request. For enterprise security questionnaires that ask about audit immutability, per-account storage isolation, and extended retention, Connect AI's audit trail now stands out as an asset. Security, Information, and Event Management (SIEM) integration via webhook is coming in a fast-follow phase, along with configurable retention up to seven or more years.
Drive enterprise query reliability through async processing
For enterprise AI teams, Connect AI’s async processing means that agents triggering large aggregations or full-dataset fetches no longer risk mid-workflow failures from orchestrator timeouts or dropped connections. Queries complete in the background and results buffer server-side, retrieved when the agent is ready to continue, with no retry logic or re-planning required. IT Operations teams can deploy rolling updates without timing them around long-running agent workflows.
Explore the June release
The June release is available now. To explore the new capabilities—or to see how Connect AI's connectivity, context, and control infrastructure applies to your AI deployment—get started with a free Connect AI trial or contact your account team today.
Capability | Description | Advantage gained |
PII detection and token masking | Configurable warn, redact, or block policies enforced at the MCP/API tool-call boundary—inbound and outbound—with per-connection overrides and custom regex rules. | Sensitive data is governed before it reaches an AI model or returns to a user. Every enforcement event is audit-logged with entity type, direction, and action—without storing matched values. |
Agent service account support | Machine identities that authenticate using OAuth client credentials flow (MCP spec SCP 1046) are scoped per agent or automated pipeline. | Autonomous agents and scheduled pipelines connect without requiring a human OAuth session. Each identity is independently scoped, auditable, and revocable via the admin console. |
Role-based access control | Four universal platform roles plus customer-defined custom roles with additive permissions, configurable defaults, and independent AI feature controls. | On top of existing source-inherited permissions, admins can now set platform level permissions by role and by user. This offers a double layer of governance for read, write, delete actions. |
17 new data source connectors | 17 new sources, including GitLab, Gong, FreshBooks, BambooHR, Zoom, and Apollo, added to the catalog via the same relational interface and MCP layer as all existing connections. | IT teams inherit existing auth, permissions, and audit controls automatically. Business teams can bring sales intelligence, HR records, billing, and developer activity into AI workflows. |
Connect AI Skills | Downloadable plugins published on GitHub that guide LLMs through the correct source discovery, query construction, and error recovery workflow for Connect AI. | Claude, ChatGPT, Gemini, and other LLM tools execute queries correctly from the first call. Fewer errors, lower token overhead, and consistent results across ad-hoc and automated workflows. |
Azure Key Vault integration | Connect AI pulls credentials from your Azure Key Vault at query runtime rather than storing them in the platform. Access is scoped via a registered application identity. | Credentials stay in your own infrastructure under your own access controls and rotation schedules. Rotated secrets are picked up automatically—no manual connection updates, no downtime. |
Centralized logging | Immutable, per-account audit storage in Azure Blob, with a full-text searchable Audit Search API and no record cap. | Compliance teams can retrieve a full audit archive programmatically. Tamper-evident records satisfy enterprise procurement and regulatory review requirements. |
Async processing | Queue-based query execution in isolated per-tenant compute. Results are buffered server-side until the agent is ready to consume them. No resource sharing between tenants. | Long-running agent queries complete reliably regardless of network conditions or client timeouts. No tenant's workload affects another's. No changes to existing MCP integrations required. |
Additional Resources
Explore CData Connect AI today
See how Connect AI excels at streamlining AI and business processes for real-time insights and action.
