Integrations
Cendriix ships with first-party connectors for the tools your team already uses. Every connector is read-secure by default, scoped to the resources you grant, and feeds the same knowledge plane (Cortex) that powers your agents, runs, and orchestrator.
Overview
There are two install patterns. GitHub uses the Cendriix GitHub App, a one-click install on the GitHub Marketplace with no admin OAuth registration needed. Every other connector uses standard OAuth 2.0with PKCE, where the customer authorizes Cendriix through the provider's consent screen and tokens live in AWS Secrets Manager for the lifetime of the installation.
Available connectors
One-click install of the Cendriix GitHub App on your org or selected repos.
Available nowSend Cendra messages, receive incident pings, and feed conversation atoms into Cortex.
Coming this waveIndex Docs and Sheets into Cortex so your agents have live access to specs and runbooks.
Coming this waveEngineering wikis, product specs, and decision logs become agent-queryable context.
Coming this waveCendriix watches your Linear cycles and triage queues to drive autonomous run completion.
Coming this waveBidirectional sync with Jira Cloud, tickets in, status and labels out.
Coming this waveRead MRs, pipelines, and issue boards from GitLab.com or self-hosted EE.
Coming this waveCloud repos and pull-request workflows feed Cortex; Cendriix can review and merge in-run.
Coming soonOutlook and SharePoint connectivity for enterprise document context.
Coming soon, Connector only, MCP integration follows later.Account, Opportunity, and Case atoms power customer-aware agents and revops automation.
Coming soonGitHub
Auth: GitHub App · Scope: read-only by default
The Cendriix GitHub App installs in seconds. After install, Cendriix ingests commits, pull requests, issues, and releases into Cortex, your tenant's private knowledge graph, and watches for new activity via signed webhook deliveries.
Permissions are intentionally minimal and read-only: contents : read, pull_requests : read, issues : read, metadata : read. Cendriix never writes to your repositories.
Slack
Auth: OAuth 2.0 · Scope: read-only by default
The Slack bot listens for mentions, posts incident summaries and run results into the channels you choose, and threads conversations back into Cortex so agents can recall who decided what.
You control which channels Cendriix sees. Cendriix never reads DMs without explicit consent.
Google Drive
Auth: OAuth 2.0 · Scope: read-only by default
Cendriix reads the documents you grant access to and converts them into structured atoms inside Cortex. The raw files stay in your Google Drive, only metadata and indexed content live in Cendriix.
Folder-level scoping is supported so you can keep sensitive folders out of scope.
Notion
Auth: OAuth 2.0 · Scope: read-only by default
After authorizing Cendriix as a Notion integration, you select the workspace pages and databases you want indexed. Cendriix re-syncs every 15 minutes by default.
Page edits are picked up automatically via Notion's polling API.
Linear
Auth: OAuth 2.0 · Scope: read-only by default
When a run completes, Cendriix can close or update the corresponding Linear issue automatically. If it detects a regression in prod, it can file a new issue with logs, steps to reproduce, and a proposed fix.
Project-level scoping ensures Cendriix only sees the work it should.
Jira
Auth: Atlassian OAuth 2.0 (3LO) · Scope: read-only by default
Cendriix picks up issues assigned to the engineering bot, drives them through the run loop, and writes back status, labels, transitions, and resolution notes.
JQL-based scoping lets you bound Cendriix to a specific project, epic, or fix-version.
GitLab
Auth: OAuth 2.0 · Scope: read-only by default
Cendriix supports both GitLab.com and self-hosted Enterprise Edition installations. Connect a group or specific projects and Cendriix ingests merge requests, pipeline runs, and issue history into Cortex.
Self-hosted setups can scope Cendriix's reach to specific subgroups.
Bitbucket
Auth: OAuth 2.0 · Scope: read-only by default
Bitbucket Cloud repositories ingest the same way as GitHub repos. Cendriix can open, review, and (with the right grant) merge pull requests inside an autonomous run.
Bitbucket Server (self-hosted) is on the roadmap but not yet supported.
Microsoft 365
Auth: Azure AD OAuth 2.0 · Scope: read-only by default
Cendriix authenticates through your Azure AD tenant via the Microsoft identity platform. Granted scopes can include Outlook mail (read), SharePoint sites (read), and Teams transcripts (read).
Conditional Access and MFA on your Azure AD tenant flow through unchanged.
Salesforce
Auth: OAuth 2.0 · Scope: read-only by default
Connect a Salesforce org and Cendriix ingests Accounts, Opportunities, Cases, and Contacts into Cortex. Custom objects are supported via the standard REST API and surfaced as atoms inside the same tenant graph.
Field-level security on the Salesforce profile flows through; Cendriix can only read what the OAuth user can.
How install works
Every connector follows the same four-step flow inside the Cendriix app: 1.click Install on the Connectors page, 2. authorize with the provider, 3. select the scope (repos, channels, projects, etc.),4. Cendriix verifies the connection and the connector card flips to Connected.
First-data ingest typically completes within a few minutes for small workspaces; large Drive or Notion installs can take longer and are streamed as they arrive.
Security & permissions
OAuth refresh and access tokens are encrypted at rest in AWS Secrets Manager and scoped per workspace. Every connector inherits the workspace's tenant isolation guarantees, no connector can see data outside its tenant.
Request a connector
Need something not on this list? Cendriix can build a custom connector for any service with a documented OAuth 2.0 or API-key endpoint. Email hello@cendriix.ai with the provider name, the use case, and a link to their developer docs and we'll scope a build.