Ekaya
← Back to Blog

DataKit: The Missing Piece from OpenAI's Big Agent Announcement

Damon Danieli
CEO @ Ekaya
DataKit for OpenAI - The Complete Agent Stack

Yesterday, OpenAI announced AgentKit, a toolkit for building and deploying AI agents. Agent Builder gives you visual workflow orchestration, ChatKit supplies embeddable UI widgets, and they've added enhanced evaluation capabilities. It's an impressive stack.

But there's a gap.

The Problem: Connecting AI to Databases

AgentKit handles orchestration. ChatKit handles the user interface. The real challenge is what sits in between -- securely connecting AI agents to your enterprise databases.

Your data doesn't live in documents or cloud storage. It lives in transactional databases, data warehouses, and proprietary systems -- the crown jewels of your organization. Getting AI access to that data safely is the hard part.

Why the Connector Registry Isn't Enough

OpenAI's Connector Registry manages integrations like Dropbox, Google Drive, and SharePoint. Great for documents. But production database connectivity needs enterprise SSO integration with SAML/OIDC through your existing identity providers. It needs user-level authorization that flows from the AI all the way to the database. It needs semantic layers that translate raw schemas into concepts Large Language Models can understand.

It needs row-level security and role-based access controls that actually work. And it needs comprehensive audit trails for SOC 2, HIPAA, and GDPR compliance.

The Model Context Protocol Problem

The industry standard for AI-to-tool connectivity is Model Context Protocol (MCP). It's powerful, but it has a critical flaw: MCP is insecure by default.

Out of the box, MCP implementations use shared service accounts, expose raw database schemas directly to LLMs, provide no user-level access controls, and offer limited audit trails. For a proof of concept? Fine. For production? No way.

DataKit

This is why we built DataKit. It's the secure database connectivity layer that sits between AgentKit and your database.

Semantic Layer

Raw database schemas need translation into business concepts that LLMs can understand. cust_tbl becomes Customer. inv_dt becomes Invoice Date. You can add fiscal calendars, computed metrics, and business rules that don't exist in the database at all.

Enterprise SSO

SAML/OIDC integration with Okta, Entra ID, Ping Identity, and other enterprise identity providers. Your existing MFA policies, directory sync, and automated provisioning all apply. No new credentials. No shadow IT.

Secure Authorization

Token pass-through from the AI agent all the way to the database. Each query runs under the authenticated user's database role, not a shared service account. Your existing row-level security and RBAC continue to work as designed.

Audit & Governance

User-level query logging and audit trails. Data governance policies enforced at the connection layer. Ready for SOC 2, HIPAA, and GDPR compliance.

Putting It Together

AgentKit orchestrates your multi-agent workflows. DataKit provides secure database connectivity with enterprise SSO and semantic understanding. ChatKit delivers embeddable chat experiences.

That's the complete stack.

Why This Matters

Without secure database access, AI agents are limited to documents and cloud storage. The real value -- the insights, automations, and workflows that transform businesses -- requires access to internal data.

That access needs to be secure, governed, and production-ready. Not a hack. Not a workaround. DataKit is that missing piece.