Integrations

Fits where
AI already lives.

Drop-in connectors for the inference providers, the MLOps platforms, the ticketing systems, the SIEM, the data warehouses, and the MCP servers your teams already run. No rip-and-replace, no new workflow to learn.

Browse connectors Request a connector

Live catalog

Connectors live

Continuously expanding

Wide surface

Connector categories

Identity, data, AI, infra, ticket, notify

OAuth

Default authentication

SAML and service account supported

Audited

Every call and token change

Append-only log

Connectors liveOAuth 2.1 · SAML 2.0HMAC-SHA256 webhooksScoped secretsSigned token changes

OktaAzure ADPingAuth0SnowflakeDatabricksBigQueryS3AnthropicOpenAIBedrockAxiomDatadogGrafanaJiraLinearServiceNowSlackTeamsPagerDutyOpsgenie

Catalog

Where your AI lives. Where your team already works.

Identity + SSO

Any SAML 2.0 or OIDC identity provider

OIDC + SAML

SAML 2.0 metadata and OIDC discovery out of the box. JIT provisioning maps IdP group claims onto KoraSafe^™ roles. SCIM 2.0 in beta covers user CRUD, group CRUD, and deprovision. Tenant-scoped metadata never crosses tenants, and session JWTs are signed RS256 with a short access window and rotating refresh.

Protocols

SAML 2.0 · OIDC

Provisioning

JIT + SCIM beta

Session

RS256 · short access

Claims

Group to role map

OktaAzure ADPingAuth0Google Workspace

Data + compute

Snowflake, Databricks, BigQuery, Postgres, S3, GCS

Read-only default

Read-only by default. Write paths require an explicit scope grant from the admin console. Catalog-aware: KoraSafe^™ reads INFORMATION_SCHEMA or UC before any fetch and honors column masks. Residency Agent enforces region rules before the network call.

Default scope

Read-only

Catalog

INFORMATION_SCHEMA / UC

Masks

Honored pre-fetch

Residency

Region gate pre-call

SnowflakeDatabricksBigQueryPostgresS3GCS

AI + model vendors

Anthropic, OpenAI, Google, Cohere, Mistral, Bedrock, Azure OpenAI

Per-vendor breakers

Per-provider safety stops, closed / half-open / open with exponential backoff. Per-tenant budgets in dollars and tokens, with exceeded requests returning structured errors. Per-model approval gates live in the registry. Model cards track version, training cutoff, and safety evals.

Breakers

Closed / half / open

Budgets

USD + tokens

Error shape

RFC 7807

Approvals

Registry-gated

AnthropicOpenAIGoogleCohereMistralBedrockAzure OpenAI

Observability

Axiom, Datadog, Grafana, OpenTelemetry

OTel-native

OTel-native traces and spans flow out, span.kind=server with korasafe.* attributes on every span. Findings and policy violations flow in as structured logs and metrics. Nothing proprietary, so you can swap vendors without touching KoraSafe^™ config.

Out

OTel traces + spans

Logs · metrics

Swap

Vendor-agnostic

Ingest

Low-latency

AxiomDatadogGrafanaOpenTelemetry

Ticketing + ITSM

Jira, Linear, ServiceNow, Asana, GitHub Issues

Bidirectional

Violations open tickets with the full request id trace, the policy version that fired, and the evidence pack id attached. Ticket state (open, in progress, resolved) syncs back into the audit log as structured events. Closing a ticket writes the resolution reason back to the registry.

Open with

Request id + policy + pack

State sync

Back into audit log

Writes resolution

Direction

Bidirectional

JiraLinearServiceNowAsanaGitHub Issues

Notification

Slack, Teams, PagerDuty, Opsgenie, email, webhooks

HMAC-signed

Signed webhooks use cryptographic signing with a short replay window. Channel routing fans out by severity (info, warn, block) and domain (PII, bias, cost, residency). PagerDuty pages only on top-tier policy breaks. Message templates live versioned in the tenant registry.

Signing

HMAC-SHA256

Replay window

Short

Routing

Severity by domain

Pager trigger

Top-tier breaks only

SlackTeamsPagerDutyOpsgenieEmailWebhooks

How connectors work

Narrow scope, full trail, clean exit

Step one Declare scope Step two Bind identity Step three Run and audit

Declare scopeAdmin console

Read or write. Tenant-wide or per-system. Nothing implicit.

Admins pick a connector scope from a discrete set. Read, read/write, or write-only. Scope is bound to a tenant or to a single upstream system, and there is no wildcard tier. Scope changes require a reason string and a second approver for higher-tier connectors.

Scope modes

Read · read/write · write-only

Boundary

Tenant or per-system

Approvals

Two-person for higher tiers

Wildcards

None

Bind identityCredentials

Service account, OAuth 2.1, SAML, or mTLS. Secrets never leave the vault.

Identity binding runs through the credential vault. Secrets are stored as cryptographic hashes with per-tenant envelope keys and rotated on a policy. OAuth 2.1 with proof-key verification is the default. SAML is supported for IdP-mediated connectors, and mTLS is wired in for high-trust backends.

Default

OAuth 2.1 + PKCE

Fallback

SAML · mTLS · SA

Storage

SHA-256 + envelope

Rotation

Policy-driven

Run and auditTelemetry

Every call logged with a request id, caller tier, and policy version.

Every connector call emits an append-only audit event with the request id, the caller agent id, the autonomy tier at dispatch, and the policy version that evaluated it. Traces are OTel-native, so the same request id stitches across the gateway, orchestrator, and upstream. Retention follows the tamper-evident hash chain.

Event shape

Append-only · signed

Fields

req_id · agent · tier · policy

Trace

OTel end-to-end

Retention

Hash chain

Custom

Need a new connector?

Enterprise tenants can commission connectors. Most ship in a few weeks.

Scope

What we build on request

Identity federation and provisioning
Data stores, lakes, warehouses
Model gateways and inference endpoints
Observability and incident systems
Ticketing, comms, paging

How it ships

Commercial terms

Scoped statement of work with your security team
Built by the platform team or a partner
Published in your tenant catalog
Maintained under your enterprise plan
Open sourced by request where upstream licenses permit