Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Claude Compliance

This documentation for the Claude Compliance integration describes the technical capabilities of this integration, including authorization, scopes/permissions, and utilized endpoints. For more information on how to integrate Claude Compliance, visit our connection instructions.
Claude Code and Claude Cowork

The Claude Compliance API does not currently support Claude Code or Claude Cowork. Claude Cowork is not recommended in environments where compliance logging is required.

Version

This integration utilizes the Claude Compliance Compliance API.

Base URL

The base URL used for all Claude Compliance API endpoints:
https://api.anthropic.com/v1/compliance

Authentication & Authorization

The DataGrail Claude Compliance integration connects using token authentication which requires a Compliance Access Key.

Sensitive Credentials
Publicly exposing your API credentials can allow unauthorized access to Claude Compliance API endpoints by a third party. DataGrail stores your API credentials encrypted and protected.

Endpoints Utilized

DataGrail uses the following endpoints to authorize and test the connection:

Limits

Limits in Claude Compliance are calculated using the leaky bucket algorithm. All requests that are made after rate limits have been exceeded are throttled and an HTTP 429 Too Many Requests error is returned. Requests succeed again after enough requests have emptied out of the bucket.

  • DataGrail supports requests throttling to stay within 70-80% of specified service rate limits.
  • DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

Capabilities

System Detection

DataGrail provides continuous system detection, delivering a real-time inventory of your data assets.

Data Interactions

DataGrail's System Detection process runs once daily and reads organization activity and chat tool-use metadata to detect MCP servers, connectors, and integrations connected to Claude:

Fetch the following from the activity feed and chat messages:

  • MCP server activity (created, updated, and tool policy events)
  • Connector approvals
  • Integration connections (Google Drive, GitHub, and others)
  • Tool-use metadata identifying external MCP integrations
Privacy

DataGrail does not store chat messages. Only tool-use metadata (e.g., integration name, MCP server URL, and tool name) is processed to identify connected systems.

Endpoints Utilized


 

Need help?
If you have any questions, please reach out to your dedicated Account Manager or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.