ConnectorsConnector Overview
Connector Overview
How Compass connectors work and what data they pull from your IAM systems.
Connectors are how Compass pulls live data from your IAM infrastructure. They're lightweight integrations that read metrics from your systems without modifying anything.
Architecture
Compass connectors follow the MCP (Model Context Protocol) standard. Each connector is a stateless service that:
- Receives your platform credentials securely
- Calls the platform's API to fetch metrics
- Returns structured data to Compass for analysis
- Discards credentials — nothing is stored in the connector layer
Read-Only Access
Connectors only read data. They never:
- Create, modify, or delete users
- Change access policies or permissions
- Write to audit logs
- Modify any configuration
You can safely grant read-only API access knowing Compass will not alter your environment.
Data Flow
Your IAM System → Connector → Compass AI → Report
(source) (fetches) (analyses) (output)- You provide API credentials in Compass settings
- When a discovery runs, Compass sends credentials to the connector
- The connector calls your IAM system's API
- Raw metrics are returned to the AI for analysis
- The AI generates findings based on the aggregated data
Connector Limits by Plan
| Plan | Max Connectors |
|---|---|
| Starter | 3 |
| Pro | 10 |
| Enterprise | Unlimited |
Adding Multiple Connectors
You can connect multiple systems of the same type (e.g., two Azure AD tenants) or mix different platforms. More connectors give the AI a more complete picture of your IAM landscape, enabling cross-platform analysis like:
- Comparing identity counts across providers to detect orphan accounts
- Correlating provisioning times with ticket volumes
- Identifying privilege gaps between cloud and on-premises systems