Skip to main content

Key Vaults

By using key vaults instead of entering data source information directly into the Connect AI user interface, you can have centralized control of all your credentials. You can establish an audit trail in your vault logs every time Connect AI reads a credential. You can also regularly update values in your vault without affecting your data source connection in Connect AI.
  • Azure Key Vault is currently supported, with more vault support to come. This feature is only available in Connect AI’s Business tier.
  • Not available for Connect AI Embed.
  • Only Shared Authentication is supported when key vaults are turned on.

Use a Key Vault for a Connection

Follow these steps to add your Azure key vault to Connect AI and then use the key vault for your connection.
1
Enter your Azure Key Vault information in the Key Vaults section of the Settings page.
2
In the Add Connection page for your connection, toggle on Use Key Vaults to Authenticate. This enables the connection to use secrets stored in a key vault for its credentials.
Use Key Vaults
3
In the Key Vault drop-down list, select the key vault to use for the connection. Key icons () then appear next to the connection’s credential fields (for example, User and Password).
4
Click the field’s key to change the key from outlined to solid, and then enter the vault secret in the field.
  • If the key is outlined (), the field is treated like a normal input field.
  • If the key is solid (), the value is treated as the name of a secret in the selected key vault, NOT the actual value of the field. For example, you can enter salesforce-password to reference the Salesforce password in the key vault.
5
Save and test your credentials as usual.

Rate Limits

The Connect AI rate limit is 100 requests per user per minute. This limit is shared across all data sources, so if a user issues 70 requests in a minute to one connection, that user can only issue 30 more requests to another connection in the same minute. Note that requests with excessively long response times might time out. If your request times out, please refine the query to reduce the time it takes to execute.

IP Allowlist

Connect AI uses a range of static IP addresses to communicate with external data sources. To ensure that you can access your data, you must allow these static IP addresses in your data sources. The table below lists these IP addresses.
IP Addresses (CIDR)IP Addresses (Range)
52.224.0.160/2852.224.0.160 - 52.224.0.175
4.154.117.160/284.154.117.160 - 4.154.117.175

Logging and Audit

CData Connect AI provides comprehensive logging and audit capabilities to help you monitor data access, track system activity, and maintain compliance with security and regulatory requirements. The platform captures detailed information about user actions, data queries, connection activity, and system events. See Logs for details.

Security Compliance

Connect AI prioritizes data security and regulatory compliance, enabling users to integrate data from any application with confidence and without compromising sensitive information. Connect AI maintains comprehensive, globally recognized security and compliance frameworks to protect customer data, including SOC 2 Type II, ISO-certified security standards, and GDPR compliance. These measures ensure our customers can operate securely and meet regulatory requirements across industries and regions. You can find more detailed information including architecture documentation, security policies, data retention policies and more from the Connect AI Security Kit.