Ekaya

Enable AI Features
In your Multi-Tenant SaaS Product

with a secure, self-contained solution

Users expect products to have AI features that automate workflows or allow them to explore their data using natural language. Ekaya is a production-ready, secure, and self-contained text-to-SQL solution designed to protect data access in multi-tenant products.
The Ekaya Embedded Server runs entirely within your product environments so that data never leaves your data boundary.

Product Demo Video Coming Soon

See Ekaya embedded in a real SaaS application

How does it work?

1[Recommended] Create Database Views and Configure Isolation

Example PostgreSQL Setup

The recommended best practice is to create non-materialized views of the product data you want AI to access. Configure multi-level isolation: tenant-level (organization), role-based (admin vs user), and user-specific (only assigned records). Choose one of two approaches based upon availability of database-level protection:

Best Practice: Row-Level Security (RLS)

Enable RLS on your base tables with policies enforcing tenant, role, and user-level permissions. Note: policies are automatically enforced when querying through SQL views.

ALTER TABLE subscriptions
  ENABLE ROW LEVEL SECURITY;

CREATE POLICY user_data_access
  ON subscriptions USING (
    tenant_id = current_setting(
      'app.tenant_id')::uuid
    AND (
      user_id = current_setting(
        'app.user_id')::uuid
      OR current_setting('app.role') = 'admin'
    )
  );
Why best practice: Database-enforced security at tenant, role, and user levels. Cannot be bypassed. Ekaya works with your existing permission model through session context.

Alternative: WHERE Clause Enforcement

Include tenant_id and user_id columns in views. Ekaya validates all generated SQL includes multi-level WHERE clauses.

CREATE VIEW customer_subs AS
SELECT id, tenant_id, user_id, status
FROM subscriptions;

-- For regular users, Ekaya generates:
SELECT * FROM customer_subs
WHERE tenant_id = $1
  AND user_id = $2

-- For admins, Ekaya generates:
SELECT * FROM customer_subs
WHERE tenant_id = $1
Trade-off: Relies on SQL validation. Use when RLS cannot be enabled on base tables.

Checklist:

  • Create non-materialized views (regular VIEWs) exposing only necessary columns
  • Create dedicated read-only database user with SELECT access to views only
  • Configure RLS policies or WHERE clauses for tenant, role, and user-level isolation
  • Set session context (tenant_id, user_id, role) in the JWT authorizing access (see below)

2Download Ekaya Engine and Configure Product AI Access

Attach Ekaya Engine to a development or stage database and import only those Views (see Developers). This sets up the schema, ontology, and any pre-created queries that your product will need.

What Ekaya Engine Does:

  • Schema analysis and semantic layer creation
  • Ontology extraction to understand business entities and relationships
  • Pre-created query templates for common use cases
  • Test performance and AI behavior in safe environment

Note: You do not need to access the Production database in this step. This is only extracting schema, ontology, and query templates from your development/stage environment.

3Export the Static Configuration for Ekaya Embedded Server

This configuration will be deployed into your product environments (dev, stage, production) and contains everything the Ekaya Embedded Server needs to generate safe SQL from natural language prompts.

Configuration Contains:

  • Schema metadata (tables, columns, types, constraints)
  • Ontology rules (business entities, relationships)
  • Pre-created query templates
  • Security validation rules and RLS policies

4Deploy Configuration and Ekaya Embedded Server in your Environments

The Ekaya Embedded Server loads the static configuration into memory at launch (and reloads upon SIGHUP). Can be isolated in its own VPC and only requires access to embedded models.

Deployment Benefits:

  • Deploy across all environments (dev, stage, production)
  • In-memory configuration loading for fast response times
  • Zero-downtime updates with SIGHUP reload
  • VPC isolation with no external service dependencies

5Choose your LLM Deployment Option

Ekaya provides specialized, fine-tuned models that you can deploy within your data boundary, or you can bring your own key to use your preferred LLM provider.

Ekaya Fine-Tuned Models:

  • Optimized for text-to-SQL generation
  • Deploy within your data boundary
  • No external API calls required

Bring Your Own Key (BYOK):

  • Use AWS Bedrock, GCP Vertex, or Azure OpenAI
  • Leverage your existing LLM agreements
  • Your API keys, your control

6Integrate Ekaya with your Product Server code

Your product server communicates with the Ekaya Embedded Server to generate secure, tenant-scoped SQL from natural language queries.

Integration Flow:

  • 1Your product server sends natural language expression with bearer token (JWT) containing tenant authorization and context to the Ekaya Embedded Server
  • 2The Ekaya Embedded Server validates JWT and checks for LLM and SQL injection and data leakage
  • 3The Ekaya Embedded Server uses your business semantic layer to generate tenant-scoped SQL for your schema and RLS policies
  • 4The Ekaya Embedded Server returns the SQL and additional metadata and never touches your database

Features

Built for Product Environments

The Ekaya Embedded Server is designed to run in Product Environments with five-nines availability

Self-Contained Deployment

  • No external services: Everything runs in your environment
  • Installable server: Deploy alongside your product tier
  • Fine-tuned models: Self-Hostable on prem or hybrid cloud
  • Five nines availability: Built for production uptime requirements

Product Operations Ready

  • Structured logging: Events designed for product monitoring
  • Metrics & tracing: Prometheus and OpenTelemetry support
  • Hot reload: Zero-downtime config updates via SIGHUP
  • Network isolation: Run in private network with controlled access

Security Built for Multi-Tenant SaaS

Per-request authentication with automatic row-level security enforcement

Per-User Row-Level Security

Every query is automatically scoped to the authenticated user's tenant and permissions. No shared service accounts, no privilege escalation risks.

  • JWT-based tenant isolation with HMAC validation
  • Automatic RLS field injection (organization_id, tenant_id, etc.)
  • Per-user connection pooling with security context
  • Validation that WHERE clauses contain required RLS fields

Built-in guarantee: Users can only access rows they own. The system validates every generated query contains proper tenant isolation before returning SQL to your product.

SQL Injection & Data Leakage Prevention

Multi-layer validation ensures generated SQL is safe and doesn't leak sensitive data.

  • Pattern detection for DROP, TRUNCATE, DELETE, comments
  • Parameterized queries only ($1, $2 format)
  • SELECT-only enforcement (no mutations)
  • Detection of excessive JOINs and SELECT * on large tables
  • PII column flagging and access warnings
  • Injection score calculation with configurable thresholds

Real-time validation: Every SQL query receives an injection score and leakage risk assessment. Your product gets full visibility into security metadata before executing.