What is data unification?

Data unification connects the systems your organization already runs — SIS, LMS, CRM, data warehouse, SaaS tools — into one structured, machine-readable representation that AI agents can reason over. ibl.ai does this with an ontology: a semantic layer (entities, attributes, relationships) plus an operational layer (actions, functions, permissions). It becomes the single source of truth every agent reads from, so agents are grounded in your real entities and rules instead of guessing.

Does AI Data Unification move our data to the cloud?

No. The unified layer is deployed on-premise inside your network. It queries your existing systems in place over MCP and exposes a single server behind your firewall and identity provider. There is no data extraction, no VPN to ibl.ai's cloud, and no third party holding your records — "you will have your data, and we may not even have access to it."

Which systems can it unify?

It ships with defaults for 22 systems. Databases like PeopleSoft, Oracle, Postgres, and Snowflake connect through the Google MCP Toolbox; REST systems like Canvas, Salesforce, Jira, ServiceNow, and Workday connect through custom MCP servers. The higher-ed catalog also covers Ellucian Banner, Slate, EAB Navigate, Salesforce Education Cloud, Civitas Learning, Handshake, and Blackbaud Raiser's Edge; the enterprise catalog covers HubSpot, Confluence, GitHub, Okta, Slack, Zendesk, and Zoom.

How is access controlled per user?

Every MCP request carries the user's Microsoft Entra ID JWT. The gateway validates it and resolves the caller's role from roles.yaml, so results are scoped to that user — including row-level scoping. Agents inherit the same permissions as the users they serve.

Is it open source, and do we own it?

Yes. The implementation is open source and MIT-licensed at github.com/iblai/ontology (Python 3.11+, 163 passing tests, 85% coverage). You own the code, the data, and the infrastructure. It runs on your servers — cloud, VPC, on-premise, or air-gapped — with no dependency on ibl.ai infrastructure in the critical path.

📅 Book a 30-min Demo 📞 Call/text (571) 293-0242

AI Data Unification

Q: How does AI Data Unification relate to the rest of the ibl.ai platform?

AI Data Unification is the knowledge foundation the platform reasons over. Pair it with Agentic OS to deploy agents that act on the unified graph, grounded in your real entities, relationships, and permissions — all owned and self-hosted by you.

Unify your HRIS, CRM, ticketing, and warehouse into one knowledge graph every enterprise agent reasons over — on-premise, over MCP, with no data extraction. You own all the code and data.

Sector:Higher Education Corporate Small Business K-12 Government Legal Financial Services Healthcare

No Data ExtractionQueries your systems in place over MCP

Read-Only & Role-ScopedEntra ID identity, 7-test safety suite

Open Source, You Own ItMIT-licensed, self-hosted in your network

1.6M+Platform Users

400+Organizations

MCP Architecture Guide for Enterprise

How to connect your corporate systems (HRIS, LMS, CRM, ticketing, knowledge base) to AI agents — step by step.

Read the Guide

Runs on

Air-Gapped AI Anthropic Claude Google Gemini Microsoft Copilot Amazon Bedrock OpenAI GPT NVIDIA NemoClaw OpenClaw

AI Data Unification for Corporate L&D — One Knowledge Layer Every Agent Reasons Over

For enterprise teams, the records that AI agents need are scattered across an HRIS, a CRM, a ticketing system, a knowledge base, and a data warehouse. AI Data Unification maps them into one living knowledge graph — an ontology agents reason over — exposed over the Model Context Protocol (MCP) without extracting a single record to the cloud.

You own all the code and the data. The unified layer runs inside your network, behind your firewall and identity provider, and every agent — ibl.ai, Claude, Cursor, or your own apps — queries it scoped to the caller's role.

What This Is

AI Data Unification connects Snowflake, Salesforce, Workday, ServiceNow, Jira, Confluence, and Okta into a single ontology — a structured representation of your organization that agents can reason over.

It has two layers: a semantic layer (the nouns — entities, attributes, relationships) and an operational layer (the verbs — actions, functions, permissions). Together they become the single source of truth every agent reads from.

Unify once, reuse everywhere

Model an entity once and the tenth agent costs a fraction of the first, because it inherits the same definitions, the same data, and the same governance.

The implementation is open source at github.com/iblai/ontology — MIT-licensed, Python 3.11+, 163 passing tests. ibl.ai is family-owned and operated from New York, NY: a long-term partner, not a vendor that ships a license and disappears.

The Two Layers

The Semantic Layer — the nouns

Entity types model the real-world objects in your organization — employees, teams, accounts, deals, tickets, and projects. Attributes capture their characteristics, and relationships define how they connect. An employee belongs to a team; a deal belongs to an account; an approval is an action with rules.

This is the shared vocabulary your domain experts already use, made machine-readable so agents reason over the same reality your people do.

The Operational Layer — the verbs

Actions define the permissible changes an agent can make. Functions encode logic. Permissions govern who — human or agent — can do what.

Agents inherit the same permissions as the users they serve, so they can only act within your existing rules. Every action is captured as data, so audit trails are built in, not bolted on.

Five Core Principles

Shared understanding at scaleTeams operate from unified definitions instead of siloed, per-system data. Local decisions gain global context because every agent and every department reads from the same graph.

Human-readable by designThe ontology is expressed in familiar business terminology, not a technical schema. Domain experts can explore and validate it directly, bridging technical and non-technical teams.

Build once, reuse everywhereA properly modeled entity serves every application that needs it. The cost of launching the tenth agent is a fraction of launching the first, because the knowledge is already there.

Capture decisions as dataActions are recorded and become queryable knowledge. Audit trails and decision history are a property of the system, not an afterthought you instrument later.

Ground AI in organizational realityAgents operate on the same knowledge humans use. Grounding answers in your real entities and relationships removes the translation layer where hallucinations creep in.

How the Unified Layer Works

Inbound connections

Databases connect through the Google MCP Toolbox; REST-based systems connect through custom MCP servers, defined in tools.yaml. For enterprise teams, that means Snowflake, Salesforce, Workday, ServiceNow, Jira, Confluence, and Okta.

Source credentials never leave your network. Each inbound connector has isolated credential scope, with secrets encrypted at rest.

Knowledge materialization

Data is synced into three layers: text memories in Markdown, a Postgres cache, and vector embeddings for semantic search.

The unified graph stays fresh on a schedule you control.

Outbound — one MCP server

The unified layer exposes itself as a single MCP server over HTTPS, behind your firewall and identity provider.

Any authorized runtime — ibl.ai, Claude, Cursor, or your own apps — connects to it, and results are scoped to the caller's identity.

Security & Governance

Read-only enforcement

Version 1 is read-only by design. Before provisioning, a seven-test safety suite verifies that every write attempt is denied; if any write succeeds, provisioning halts and emits remediation SQL.

Agents can read your systems — they cannot mutate them.

Identity & accessEvery MCP request carries the user's Microsoft Entra ID JWT. The gateway validates it and resolves the caller's role from roles.yaml, so an agent sees exactly what that user is allowed to see — row-level scoping included, mapped to your SOC 2 obligations.

Permissions inherited from your peopleSchema and data permissions are governed centrally. Agents inherit the same permissions as the users they serve, so access control is consistent whether a human or an agent is asking.

Built-In Service Catalog

Pre-configured connectors for Corporate L&DThe catalog ships defaults for Snowflake, Salesforce, HubSpot, Workday, ServiceNow, Jira, Confluence, GitHub, Okta, Slack, Zendesk, and Zoom. Seed any of them with one command (ontology service add --from <key>), then test and provision from the CLI.

Provision from the CLIA single CLI covers the whole lifecycle — service discovery and testing, schema analysis, role validation, scheduled sync, and Docker Compose deployment. Stand the layer up, test it, and ship it from your terminal.

Full Ownership

Your code & dataThe entire unified knowledge layer is open source. Records stay in the systems you already run — the layer queries them in place; it never copies them to ibl.ai or any third party. "You will have your data, and we may not even have access to it."

Your infrastructureThe MCP server, the Postgres cache, and the vector index all run inside your perimeter. Deploy it in the cloud you choose, in your VPC, on-premise, or fully air-gapped.

Built on Agentic OSAI Data Unification is the knowledge foundation the rest of the ibl.ai platform reasons over. Pair it with Agentic OS to deploy agents that act on the unified graph — all owned and self-hosted by you.