D
Dezifi.ai
Custom integrations

Connect a SQL database

Most enterprise data still lives in a SQL database. Dezifi exposes any database as a tool with text-to-SQL, schema awareness, and explicit boundaries between read and write paths.

What you'll learn
  • Which databases Dezifi connects to
  • How text-to-SQL is grounded in your schema
  • How to scope read vs. write access safely
  • How to register a database and test the first query

Supported databases

  • PostgreSQL — including managed flavors (RDS, Aurora, Cloud SQL, Supabase).
  • MySQL / MariaDB — versions 5.7+.
  • Microsoft SQL Server — on-prem and Azure SQL.
  • Snowflake — warehouse-scale analytics.
  • Any JDBC source — Oracle, Redshift, BigQuery via JDBC connector.

How text-to-SQL works

The agent doesn't guess at your schema. Dezifi introspects tables, columns and relationships on registration and injects them as grounding context.
  1. 1

    Schema introspection

    On registration, Dezifi reads INFORMATION_SCHEMA (or the equivalent) and stores table names, column types, primary and foreign keys, and any documented column comments.
  2. 2

    Allowlist tables

    Pick the tables and views the agent can see. Anything not on the allowlist is invisible — the agent cannot query it, cannot suggest it, cannot accidentally hit PII tables.
  3. 3

    Query generation

    When the agent calls the SQL tool, it produces a SQL statement grounded in the allowlisted schema. The query is validated, cost-estimated against the warehouse plan, and only then executed.
  4. 4

    Result handling

    Rows are returned to the agent with a configurable cap (default 100 rows, 1 MB). Larger result sets are summarized or paginated, never dumped into the LLM context wholesale.

Read vs. write scoping

The single most important decision is what the agent is allowed to do. Dezifi exposes three modes per connection — read-only, read with approval-gated writes, and read/write. We recommend creating a database user that is genuinely read-only at the engine level for read-only connections — defense in depth beats trusting the application layer alone.

How to connect a database

  1. 1

    Create a scoped DB user

    In your database, create a user with the minimum grants the agent needs. For analytics, this is SELECT on a specific schema or set of views.
  2. 2

    Open Integrations

    Sidebar → Integrations → New → SQL Database. Pick your engine.
  3. 3

    Enter the connection

    Connection string or host/port/database/user/password. SSL settings if required. Optional SSH tunnel for VPC-isolated databases.
  4. 4

    Pick mode and allowlist

    Choose read-only, approval-gated, or read/write. Allowlist the schemas, tables and views the agent can see. Optionally add column-level masks for PII fields.
  5. 5

    Test a query

    Use the inline tester. Ask "how many orders in the last 7 days" — the tool generates SQL, you review it, run it, and confirm the result. Now attach the tool to an agent.

Frequently asked questions

Can the agent run arbitrary SQL?
Only against allowlisted tables. Statements that touch anything else are rejected before they reach the database. For writes, you can additionally require approval per statement.
How do we prevent expensive queries?
Set a query timeout, a max row cap and a max bytes-scanned threshold (for warehouses like Snowflake). The tool aborts before a runaway query lands.
Does Dezifi memorize my data?
No. Schema is cached for grounding; row data is not stored. Each query result lives only in the run trace and follows your trace retention policy.
Can we connect a database inside a private VPC?
Yes. Use the SSH tunnel option, AWS PrivateLink, or deploy Dezifi's runtime inside your VPC. Self-hosted deployments connect over private networking directly.

Related

MCP server custom tool
Read more
REST API custom tool
Read more
Integrations overview
Read more
Policies overview
Read more