Make JD Edwards agent-ready
Connect the AI your company already uses — Claude, ChatGPT, Microsoft Copilot, Gemini or the built-in OrchestratorBot Copilot — to JD Edwards. Your approved Orchestrations become safe, audited AI tools. Nothing more, nothing less.
Read broadly. Write deliberately.
Built on the platform already running JD Edwards apps and approvals in production across Europe and the Americas.
AI wants to talk to your ERP. Who’s in control?
Your teams are rolling out Copilot, ChatGPT Enterprise and Claude. The first thing they’ll ask: “can it check JD Edwards?” The second thing your auditors will ask: “what exactly can it do in there?”
ERP vendors themselves are adopting the Model Context Protocol as the standard bridge between AI and ERP. The question is no longer if AI connects to JD Edwards — it’s how safely.
Giving AI raw ERP access is easy — and reckless.
An agent with a user’s full JDE permissions operates at machine speed across every screen that user can touch. Human permissions were never designed for autonomous tools.
Blocking AI entirely isn’t an answer either.
The productivity is real: instant answers on orders, inventory, invoices and work orders — without waiting for a report or clicking through five applications.
The answer is a control plane.
JD Edwards security is necessary but not sufficient for agents. The AI Gateway adds a second layer: your organization decides which capabilities AI may use, how far reads may go, and which writes require a human yes.
Your Orchestrations become AI tools — governed by you
OrchestratorBot already runs your imported JD Edwards Orchestrations as no-code apps. The AI Gateway publishes those same approved capabilities to AI — one import, two surfaces, one audit trail.
Curated capabilities
Enable an imported Orchestration as an AI tool in minutes. AI drafts the tool description from your orchestration’s metadata; your admin reviews and approves. Nothing is AI-callable by default.
Governed ad-hoc questions
Beyond curated tools, an optional query capability answers the long tail — “all open orders for this customer above €50k” — under table allowlists, field masking, row limits and daily budgets. Read-only, always.
Writes behind confirmation
Transactions run only through Orchestrations you approved, and only after the user confirms a preview of exactly what will execute. Enforced in the platform, not promised in a policy document.
Bring your own AI
One secure MCP endpoint per tenant. Your users connect from Claude, ChatGPT, Microsoft Copilot or Gemini — signing in with your own identity provider. No new chat app to roll out.
Built-in Copilot
No enterprise AI platform yet? The OrchestratorBot Copilot delivers the same tools in our web and Teams apps — with your choice of model, hosted in the EU.
Everything audited
Every AI action logs who asked, which capability ran, with which parameters, what JDE returned, and — for writes — who confirmed. Exportable for your auditors.
One governed path from JDE to AI
Four steps to a governed AI surface
Import
Your JD Edwards Orchestrations are already in OrchestratorBot — the same ones powering your apps today.
Enable
Flip “expose as AI tool” on the capabilities you choose. Review the AI-drafted description, set who may use it, approve. Point capabilities at the right JDE environment — prove it in DV or PY before PD.
Connect
Add your tenant’s OrchestratorBot endpoint to Claude, ChatGPT, Copilot or Gemini — or just open the OrchestratorBot Copilot. Users sign in with your IdP.
Ask & act
Users ask in plain language. Reads answer instantly. Writes show a preview and wait for a human yes. Everything lands in the audit log.
AI never sees your AIS credentials. AI never calls arbitrary endpoints. AI does only what you approved — and you can prove it.
Not every AI-for-JDE approach is equal
The market is moving fast, and four patterns are emerging. Ask the same three questions of each: who approved what the AI can do, what happens on a write, and what will your auditor see?
Generic ERP connectors
- Universal search / create / update verbs across many systems
- Fast to connect, but writes are generic API calls — no business-level approval, no confirmation step
- Governance = whatever the service account may do
Build-your-own MCP servers
- Full control, small and auditable — a sound engineering philosophy
- But multi-tenant identity, OAuth, budgets, masking and audit export are the real 70% of the work
- You own an integration project, permanently
AI platforms with their own chat
- Powerful assistants and agents inside a new destination app
- Another interface to roll out, another identity silo, another place your data lives
- Your users already have Copilot, ChatGPT or Claude — will they use a second chat?
Governed AI gateway
- Your existing AI platform connects to your approved JDE capabilities
- Business-level tools, not generic verbs — writes always preview-and-confirm
- Organization-level policy, budgets, masking and audit — provable, exportable
We built the fourth. Deliberately.
One conversation, four guarantees
The refusal is the feature. That’s what governed means.
JDE security plus your AI policy
Every action runs under the user’s own JD Edwards identity — application, row and column security fully apply. The Gateway adds the agent-grade controls on top.
Capability allowlisting
Opt-in per orchestration; nothing exposed by default.
Mandatory write confirmation
Platform-enforced, not configurable away.
Field masking & sensitive-table protection
Bank, HR and tax data denied by default.
Rate limits & daily budgets
Agent-speed access, human-scale volumes.
Immutable audit with export
Every call, every parameter, every confirmation.
Data residency, your choice
Per-tenant deployment: EU (AWS Frankfurt) by default — GDPR-native — or a US region for US-based organizations. Model inference follows the same choice.
Your model, your data path
Choose where inference runs: EU-hosted models on AWS Bedrock in your tenant's region — Frankfurt for EU, US regions for US tenants — via the built-in Copilot — JDE data stays in-region end to end — or the enterprise AI platform your organization already approved. Your data is never used to train models. Every data path is documented, so your security team reviews facts, not promises.
Frequently asked questions
The Model Context Protocol is the open standard (Linux Foundation) that AI platforms — Claude, ChatGPT, Copilot, Gemini — use to connect to enterprise systems. OrchestratorBot exposes your approved JDE capabilities as one MCP endpoint, so any of these platforms can work with JD Edwards without custom integrations — and without direct AIS access.
Both — and that’s the difference. Many ERP AI connectors stop at read-only analytics. The AI Gateway also executes transactions: raising orders, releasing holds, creating records — exclusively through Orchestrations you approved, behind preview-and-confirm, fully audited.
Yes — deliberately. Writes run exclusively through Orchestrations your admin approved, always behind a preview-and-confirm step, always audited. There is no generic write access, by design.
No. Every call executes under the user’s own JDE identity; E1 application, row and column security fully apply. The Gateway adds organizational policy on top — it never replaces ERP security.
Any MCP-capable host: Claude, ChatGPT, Microsoft Copilot, Gemini and others — plus the built-in OrchestratorBot Copilot (model of your choice, including EU-hosted options on AWS Bedrock).
No. If your Orchestrations are imported into OrchestratorBot, enabling them as AI tools is an admin review step, not a development project.
Wherever you decide. Each tenant's Gateway is deployed in a chosen AWS region — EU (Frankfurt) by default, US regions for US-based organizations. With the built-in Copilot on in-region models, JDE data stays inside that region end to end and is never used for model training. With bring-your-own-AI, data flows only to the enterprise AI platform your organization already approved — and to nowhere else. EU affiliates of US groups and US affiliates of EU groups are both first-class citizens: residency is set per tenant, so a multinational can run both.
The AI Gateway is in early access with pilot customers now. Join the program to get on the pilot list — directly or through your JD Edwards partner.
Yes — OrchestratorBot provides a governed MCP server for JD Edwards. Unlike generic connectors that expose universal create/read/update verbs, it publishes the specific business capabilities your organization approved — your own Orchestrations as named, described, role-bound tools, with mandatory confirmation on writes and a full audit trail.
Legitimate concern — and you have real choices. With the built-in Copilot on EU-hosted models (AWS Bedrock, Frankfurt), your JDE data stays in-region end to end and is never used for model training. With bring-your-own-AI, data flows only to the enterprise AI platform your organization already vetted and licensed — under its enterprise data terms — and to nowhere else. Either way, the Gateway’s masking and sensitive-table protections apply before any data reaches a model.
You could — the protocol is open, and a proof of concept is genuinely quick. What takes the real effort is everything around it: multi-tenant OAuth with your IdP, mapping AI identity to JDE users so E1 security applies, per-role tool filtering, write confirmation, budgets, masking, audit export, and keeping it all patched as the MCP spec evolves. That’s the part we productized — so enabling AI is an admin task, not an integration program.
Your JDE. Your AI. Your rules.
Join the AI Gateway early access program — first pilots are onboarding now, directly or via our partner network.
Request early accessNo customizations · Works with your existing Orchestrations · EU or US hosting · Partner-delivered or direct