Skip to main content

What Connect AI Embed Provides

Connect AI provides a managed, enterprise-grade connectivity layer for AI use cases. CData operates the platform, provides transport security, supports real-time, in-place access to customer systems, and offers observability through the parent account and admin portal. Connect AI Embed also helps reduce operational burden by removing the need for you to run your own MCP server infrastructure, manage connector implementations individually, or build the underlying query execution layer from scratch.

Your Application Stays in Control

Connect AI Embed is designed to integrate into your existing application security model, not replace it. Your team retains full ownership of the identity, authorization, and governance layer for your users, which is exactly where that control belongs. Your application manages:
  • End-user authentication and authorization
  • Role definitions and feature-level access rules
  • Read/write policy decisions for AI workflows
  • JWT generation and secret storage
  • Prompt, parameter, and request validation before anything reaches CData
  • User-level logging and attribution inside your own product
This division keeps your governance model intact and ensures your users, tenants, and workflows remain under your control.

Security Responsibilities at a Glance

Connect AI Embed operates on a shared responsibility model. CData manages the platform layer and your team owns the application layer. Together, they form a complete security posture.
AreaCData ProvidesYou Control
Platform securityManaged, audited connectivity platform with encryption and real-time query handling.Your application enforces its own internal security controls.
IdentityPlatform access and admin portal controls for ISV admins.End-user authentication and authorization — keeping your users and tenants fully under your governance model.
Access controlConnection-level and sub-account structure that you configure and scope.User-level RBAC, workflow permissions, and read/write rules for your application.
SecretsSecure platform handling of CData-managed infrastructure.JWT private keys, API keys, and customer credentials using your own vault or secret manager.
LoggingAdmin portal logs and connection-level observability.User-level audit trails and attribution inside your product.
GovernanceManaged platform foundation with documented security posture.Application-layer governance and policy enforcement aligned with your compliance requirements.