Source-system connectors¶
Cloud onboarding gives Venturi the billing and infrastructure anchor. Source system connectors add the organizational context needed to explain who used AI, which team owns the work, and where unknown usage should be investigated.
Release state
The source-system connector setup guide set is published for the connector surfaces implemented in the platform connector package. Each guide describes read-only customer setup, validation, and the limits that keep discovery evidence separate from chargeback-ready attribution.
Published setup guides¶
| Connector | What it contributes | Setup guide |
|---|---|---|
| Okta | User, group, and lifecycle context for workforce attribution and admin review. | Okta identity inventory |
| GitHub | Organization, repository, and team metadata for code-ownership attribution. | GitHub code ownership |
| Microsoft Entra ID | Directory users and groups for workforce attribution. | Microsoft Entra ID directory inventory |
| Cursor BYOK | Provider billing exports for Cursor bring-your-own-key usage. | Cursor BYOK provider billing |
| Microsoft 365 Copilot | Per-user Copilot adoption and licensing context. | Microsoft 365 Copilot adoption |
| Google Workspace Gemini | Per-user Gemini adoption and licensing context. | Google Workspace Gemini adoption |
| Salesforce Agentforce | Agentforce action usage and Flex Credit context. | Salesforce Agentforce usage |
| Snowflake Cortex | Cortex usage history, query history, and Cortex Search serving rows. | Snowflake Cortex usage |
| Databricks AI Functions | Model-serving usage rows with cluster and Lakeflow context. | Databricks AI Functions usage |
| BigQuery ML and Vertex | BigQuery remote-model jobs and Vertex request-log context. | BigQuery ML and Vertex usage |
| Power Platform | Per-environment AI credit consumption. | Power Platform AI credits |
| UiPath | AI Units consumption by tenant, folder, and project. | UiPath AI Units usage |
| Boomi | AgentStudio and Control Tower usage context. | Boomi AgentStudio usage |
| MuleSoft | AI Gateway and Agent Fabric token metering. | MuleSoft AI Gateway metering |
| Workato | Recipe, workspace, and usage context for automation. | Workato recipe usage |
| Zapier | Enterprise audit, agent activity, Zap history, and MCP context. | Zapier automation context |
| CASB shadow AI | Detected-only shadow-AI observations from CASB sources. | CASB shadow-AI detection |
| DNS/firewall log analysis | Detected-only direct AI-provider traffic observations. | DNS and firewall AI discovery |
| eBPF passive capture | Optional, customer-authorized TCP metadata discovery. | eBPF passive AI discovery |
Before you connect¶
- Finish the cloud account setup in AWS, Google Cloud, or Azure.
- Confirm the connector can use read-only scopes only.
- Decide which tenant admin will own token rotation and offboarding. Use Rotate & offboard as the operating checklist.
- Confirm that prompt and completion content are not requested or provided. Venturi connector setup uses metadata, not content capture.
Validation¶
After a connector is configured, use Verify & confirm to confirm three things:
- The connector is marked read-only.
- The latest sync timestamp is visible.
- Unknown-spend and coverage views show the connector as a would-close or already-connected source.