Connect real enterprise systems and turn external activity into governed, auditable, observable, trust-compatible evidence.
Demo datasetStore: Demo Data
Illustrative pilot dataset — figures model a representative enterprise deployment.
Connectors
6/10
1 error · 1 pending
Records Synced
7,833
avg 193 ms latency
Sync Health
6 healthy
1 degraded · 1 failing
High-Risk Scopes
0
Connectors with excessive scopes
Evidence Types
6
Mapped into the evidence model
External systems feeding governed evidence. No provider-specific logic lives outside its adapter.
Microsoft 365
OAuth 2.0 + PKCE
Microsoft Teams
OAuth 2.0 + PKCE
SharePoint
OAuth 2.0 + PKCE
Jira
OAuth 2.0
ServiceNow
OAuth 2.0
GitHub
API Token
Slack
OAuth 2.0
AWS
IAM Role (AssumeRole)
Azure
Workload Identity Federation
Google Cloud
Workload Identity Federation
One reusable sync engine — mode, cursor, rate-limit, and failures per connector.
| Connector | Mode | Status | Records | Rate limit | Failures | Last sync |
|---|---|---|---|---|---|---|
| Microsoft 365 | incremental | Healthy | 1,284 | 4200/5000 | 0 | 3d ago |
| Microsoft Teams | webhook | Idle | 312 | 5000/5000 | 0 | 3d ago |
| SharePoint | incremental | Healthy | 540 | 5000/5000 | 0 | 3d ago |
| Jira | incremental | Healthy | 642 | 920/1000 | 0 | 3d ago |
| ServiceNow | incremental | Degraded | 188 | 60/200 | 3 | 3d ago |
| GitHub | webhook | Healthy | 967 | 4800/5000 | 0 | 3d ago |
| Slack | webhook | Idle | 0 | 5000/5000 | 0 | — |
| AWS | incremental | Healthy | 2,140 | 5000/5000 | 0 | 3d ago |
| Azure | incremental | Healthy | 1,760 | 5000/5000 | 0 | 3d ago |
| Google Cloud | incremental | Failing | 0 | 0/600 | 7 | 3d ago |
Requested vs granted vs excessive scopes with least-privilege guidance — procurement/security critical.
Granted
Missing (required)
noneExcessive
Least-privilege: Revoke "Files.Read.All" — granted but not required.
Granted
Missing (required)
noneExcessive
Least-privilege: Revoke "manage:jira-project" — granted but not required.
Granted
Missing (required)
noneExcessive
Least-privilege: Revoke "s3:GetObject" — granted but not required.
Granted
Missing (required)
Excessive
noneGranted
—Missing (required)
Excessive
noneGranted
Missing (required)
noneExcessive
noneGranted
Missing (required)
Excessive
noneGranted
Missing (required)
noneExcessive
noneGranted
Missing (required)
noneExcessive
noneGranted
Missing (required)
noneExcessive
noneExternal entities → the existing evidence model (trust-compatible).
| Connector | Source | Evidence | Trust |
|---|---|---|---|
| Microsoft 365 | auditLog | identity access | trust-ready |
| Microsoft Teams | channelMessage | discussion | trust-ready |
| SharePoint | document | policy | trust-ready |
| Jira | issue | governance decision | trust-ready |
| ServiceNow | approval | approval | trust-ready |
| GitHub | pull_request | change control | trust-ready |
| Slack | message | discussion | trust-ready |
| AWS | cloudTrailEvent | identity access | trust-ready |
| Azure | activityLog | identity access | trust-ready |
| Google Cloud | auditLogEntry | identity access | trust-ready |
Source events → the existing observability event model.
| Source event | Normalized type | Category | Severity |
|---|---|---|---|
| audit.created | connector.evidence.mapped | evidence | low |
| message.posted | connector.webhook.received | evidence | info |
| document.updated | connector.evidence.mapped | evidence | low |
| issue.transitioned | connector.evidence.mapped | decision | low |
| change.approved | connector.evidence.mapped | approval | low |
| pull_request.merged | connector.evidence.mapped | evidence | low |
| message.posted | connector.webhook.received | evidence | info |
| iam.access | connector.evidence.mapped | identity | low |
| role.assignment | connector.evidence.mapped | identity | medium |
| iam.binding.changed | connector.permission.changed | identity | high |
Connector events normalized into the observability model — a view, not a second log.
| Event | Connector | Severity | Outcome | When | Hash |
|---|---|---|---|---|---|
connector.evidence.mapped Mapped Jira issue GOV-218 → governance decision evidence. | conn-jira | low | success | 3d ago | 0xCONN-L…0001 |
connector.sync.completed Incremental sync completed — 24 pull requests. | conn-github | info | success | 3d ago | 0xCONN-L…0002 |
connector.webhook.received Webhook received — channel message in #ai-governance. | conn-teams | info | success | 3d ago | 0xCONN-L…0003 |
connector.sync.started Incremental CloudTrail sync started. | conn-aws | info | success | 3d ago | 0xCONN-L…0004 |
connector.permission.changed IAM binding changed — re-review required. | conn-gcp | medium | success | 3d ago | 0xCONN-L…0005 |
connector.sync.failed Cloud Audit Log sync failed — missing iam.roles.get scope. | conn-gcp | high | error | 3d ago | 0xCONN-L…0006 |
connector.auth.failed OAuth consent not completed. | conn-slack | high | error | 3d ago | 0xCONN-L…0007 |
Procurement & security documents — reuse the shared report shell.