Sanctioned pathway · Compatible with SAP API Policy 4.2026a, §2.2.2
AegisAI
Product

One control plane. 31 backends. Every AI agent.

AegisAI is a single FastAPI surface that any AI agent (Copilot, Joule, Claude, ChatGPT, Gemini, LangChain) can talk to. Behind it, nine deterministic stages enforce per-user identity, deterministic policy, and field-tag masking across 31 backend integrations: SAP, Snowflake, Databricks, BigQuery, RDS, Synapse, Salesforce, MongoDB — and 23 more.

Capabilities

What AegisAI does, in nine sentences.

Each stage of the 9-stage pipeline. Deterministic, deny-by-default, and independently auditable.

Authenticate

HS256, RS256, ES256, PS256. JWKS rotation. Issuer and audience verification. Configurable clock-skew leeway.

Authorise — SAP & SaaS

SAP BAPI_USER_GET_DETAIL + ACTIVITYGROUPS / PROFILES. Salesforce profile permissions. Workday OAuth scopes. ServiceNow ACLs. Each backend's native model.

Authorise — cloud & warehouses

AWS simulate_principal_policy, Azure RBAC, GCP testIamPermissions, Snowflake Unity Catalog, Databricks workspace ACLs. Fail-closed on connector error.

Adaptive trust

Frequency, scope expansion, coverage growth, cross-user coordination. Trust score drives rate-limit bands.

Policy

Priority-weighted expression set evaluated by a safe AST whitelist. Deny-by-default, deny-wins-on-tie.

Plan

Intent compiles into SafeQuery. :named placeholders only. Tenant isolation as a row policy on every entity.

Execute

MODE-gated dispatch across SAP / cloud DWH / SaaS / NoSQL. PRODUCTION refuses simulators. Identity propagates to each backend natively.

Mask

Schema-driven response firewall. Per-field classification × user clearance × auth-object gate.

Audit

Tamper-evident HMAC chain. Postgres-backed, row-locked append. Public /api/audit/integrity probe.
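
The Policy stage above, sketched as an added example (not AegisAI's own code): a Python evaluator that accepts only whitelisted AST nodes and resolves rules by priority, with deny-by-default and deny-wins-on-tie. The rule tuple shape, the attribute names, the sample rules and the fail-closed handling of evaluation errors are assumptions of this sketch.

```python
import ast
import operator

# Comparison operators the evaluator implements itself (eval() is never called).
OPS = {ast.Eq: operator.eq, ast.NotEq: operator.ne, ast.Lt: operator.lt,
       ast.LtE: operator.le, ast.Gt: operator.gt, ast.GtE: operator.ge,
       ast.In: lambda a, b: a in b, ast.NotIn: lambda a, b: a not in b}
# Whitelist: calls, attribute access, subscripts, arithmetic and lambdas
# are absent, so they are rejected before anything is evaluated.
ALLOWED = (ast.Expression, ast.BoolOp, ast.And, ast.Or, ast.UnaryOp, ast.Not,
           ast.Compare, ast.Name, ast.Load, ast.Constant, ast.List, *OPS)

def compile_expr(source):
    tree = ast.parse(source, mode="eval")
    for node in ast.walk(tree):
        if not isinstance(node, ALLOWED):
            raise ValueError(f"disallowed syntax: {type(node).__name__}")
    return tree.body

def evaluate(node, ctx):
    if isinstance(node, ast.Constant):
        return node.value
    if isinstance(node, ast.Name):
        return ctx[node.id]  # unknown attribute -> KeyError -> deny in decide()
    if isinstance(node, ast.List):
        return [evaluate(e, ctx) for e in node.elts]
    if isinstance(node, ast.UnaryOp):  # only `not` passes the whitelist
        return not evaluate(node.operand, ctx)
    if isinstance(node, ast.BoolOp):
        vals = (evaluate(v, ctx) for v in node.values)
        return all(vals) if isinstance(node.op, ast.And) else any(vals)
    left = evaluate(node.left, ctx)  # remaining case: ast.Compare
    for op, comparator in zip(node.ops, node.comparators):
        right = evaluate(comparator, ctx)
        if not OPS[type(op)](left, right):
            return False
        left = right
    return True

def decide(rules, ctx):
    """rules: (priority, effect, expression) tuples. Returns 'allow' or 'deny'."""
    try:
        hits = [(p, eff) for p, eff, src in rules
                if evaluate(compile_expr(src), ctx)]
    except Exception:  # assumption of this sketch: any error fails closed
        return "deny"
    if not hits:
        return "deny"  # deny-by-default: no rule matched
    top = max(p for p, _ in hits)
    # deny-wins-on-tie: every rule at the winning priority must say allow
    return "allow" if all(e == "allow" for p, e in hits if p == top) else "deny"

# Constructed sample policy set, not taken from the product.
RULES = [(10, "allow", "role in ['finance_analyst', 'auditor'] and entity == 'invoice'"),
         (10, "deny", "entity == 'invoice' and trust_score < 40"),
         (50, "deny", "tenant != resource_tenant")]
```

With the sample rules, a finance analyst reading an invoice in their own tenant is allowed, while the same request with a trust score below 40 is denied because the allow and the deny tie at priority 10.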

Connectors

Real SDK calls. No mocked authority.

Each connector ships with its production-grade authority lookup. No fixtures masquerading as IAM checks.

SAP S/4HANA · ECC 6.0 EHP 8

Identity propagation via SAP Logon Ticket or user credentials. Authority lookup walks BAPI_USER_GET_DETAIL; per-object field-value enforcement via SUSR_USER_AUTH_FOR_OBJ_GET.

  • RFC / BAPI via pyrfc
  • OData v2 / v4 with typed entity sets
  • Customer Z-RFC extension point
  • Double enforcement: AegisAI checks, SAP checks again

AWS RDS · Redshift · Aurora

Principal ARN resolved via STS GetCallerIdentity; permission checked via iam:SimulatePrincipalPolicy per request.

  • RDS Data API for Aurora / Postgres / MySQL
  • Redshift Data API for Workgroup or Cluster
  • Static credentials, role-assumption, or instance profile
  • Fail-closed on any IAM error

Azure Synapse

Authentication via DefaultAzureCredential. Permission checked via Azure RBAC role-assignments at request scope.

  • Synapse SQL endpoint via REST
  • Per-workspace scope binding
  • Token caching with explicit expiry

GCP BigQuery

Service-account credentials with Workload Identity Federation. Permission checked via testIamPermissions on the project resource.

  • BigQuery client API
  • Region-locked queries
  • Cache-disabled by default for deterministic responses

Ready when you are

Put the sanctioned pathway in front of your AI.

30-minute architecture call. We walk through your data sources, your auth model, and what a 4.2026a-compatible AI integration looks like for your stack.