Skip to main content

Integrating Claude Compliance

Capabilities

DataGrail's Claude Compliance integration provides the following capabilities:

ProductCapability
Live Data MapSystem Detection

Before You Start

To successfully configure this integration, please ensure you have sufficient privileges:

  • DataGrail User Role: Super Admin, Connections Manager
  • Claude Compliance Account: Claude Enterprise
  • Claude Compliance User Role: Primary Owner

Claude Compliance uses the Claude Compliance API to surface the MCP servers, connectors, and integrations connected to your Claude organization to your System Inventory. Connecting requires a Compliance Access Key, which can only be created by a Primary Owner of a Claude Enterprise organization. If you haven't already, reach out to your Anthropic Account Manager to enable Compliance logging.

Scopes

Claude Compliance uses two API scopes. The optional scope provides broader coverage by scanning tool-use activity from chats — useful for MCP servers that were connected before the Compliance API was enabled on your organization.

ScopeRequiredPurpose
read:compliance_activitiesYesDetects MCP servers, connectors, and integrations from admin activity events
read:compliance_user_dataNo (recommended)Detects additional MCP servers via chat tool-use metadata, especially if they were connected prior to the Compliance API being enabled

Create a Compliance Access Key

  1. Log in to the Anthropic Console as a Primary Owner.
  2. Navigate to Settings and select Compliance API.
  3. Select Create Compliance Access Key.
  4. Grant the following scopes:
Scopes
  • read:compliance_activities (required)
  • read:compliance_user_data (recommended — enables broader MCP server coverage)
  1. Copy the Compliance Access Key and store it in a secure temporary location.
info

A Compliance Access Key is distinct from a standard Claude Compliance API key. Only the Compliance Access Key can read your organization's activity and integration data.

Connect to DataGrail

  1. In DataGrail, navigate to Integrations and select Configure New Integration to search for Claude Compliance.
  2. Enter the Compliance Access Key.
  3. Select Configure Integration.

Next Steps

Now that you've successfully connected the integration, check out the following resources:

Troubleshooting

If you are unable to successfully connect the integration, review these common troubleshooting steps:

Ensure the key is a Compliance Access Key.

A standard Claude Compliance API key will not authorize access to your organization's compliance data. Confirm the key was created from the Compliance API section of the Anthropic Console.

Ensure Required Permissions Are Granted on API Keys/Resources

DataGrail checks required permissions and scopes on API keys/resources used by each integration. If all necessary permissions are not granted, new connections will fail.

Review Required Account Types and User Roles

If users do not have the necessary permissions or the minimum required user role in the connecting system, the connection to DataGrail will fail. Additionally, connections will fail if your account type does not match the one required by the integration.

See Before You Start to review these requirements.

Technical Details

The Claude Compliance integration uses the Compliance API.

API Documentation

Learn more about this API implementation and DataGrail functionality in our API Integration Documentation.

 

Need help?
If you have any questions, please reach out to your dedicated Account Manager or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.