Connectors · Palantir Private Preview

Palantir AIP

Rencore monitors Palantir AIP across 14 governance policies, 9 reports, and 17 inventories, detecting ontology risks, access issues, and resource sprawl automatically.

AI & Agents

Published 16 May 2026 For Head of IT, CISO, CIO / CXO

Palantir AIP is in private preview. Join the waiting list and we will reach out when access opens up.

Join the waiting list

Rencore Palantir AIP governance is a set of 14 policies, 9 reports, 11 segments, and 17 inventories that audit Palantir's Artificial Intelligence Platform for ontology governance, access control gaps, and resource management issues. It detects objects with excessive permissions, users without proper role assignments, and resources consuming capacity without recent activity.

51 governance capabilities: 17 inventories · 14 policies · 9 reports · 11 segments

Why govern Palantir AIP with Rencore

Govern ontology access

Detect objects and datasets with excessive permissions, access grants that bypass organizational policies, and ontology resources shared beyond their intended audience.
Control user access

Find users with excessive roles, accounts not linked to Entra ID, and external users without documented business justification. Enforce consistent identity governance.
Track resource utilization

Reports show resource usage trends, most active datasets, user activity patterns, and capacity consumption. Identify resources that need cleanup or access review.

What Rencore discovers

Rencore automatically inventories these Palantir AIP object types.

Palantir Instance

Individual deployment of the Palantir Foundry platform, representing a distinct environment with its own organizations, users, and resources.
Palantir Organization

A Palantir Foundry Organization representing a logical grouping of users and resources.
Palantir User

A User represents individual user or service account in Foundry.
Palantir Group

A Group in Palantir Foundry used for organizing users and managing permissions.
Palantir Space

A Space in Palantir Foundry representing a top-level container for Projects and resources.
Palantir Project

A Project in Palantir Foundry representing a container for related resources and workflows.
Palantir Agent

An AIP Agent created in AIP Agent Studio for conversational AI interactions.
Palantir Agent Session

A conversation session with an AIP Agent, tracking exchanges between users and agents.
Palantir Marking

A security marking used to restrict resource access in Palantir Foundry.
Palantir Ontology

An Ontology in Palantir Foundry representing a data model with object types, properties, and relationships.
Palantir Marking Category

A category for organizing security markings in Palantir Foundry.
Palantir Session Content

Conversation content for an AIP Agent session, containing user messages and agent responses.
Palantir Session Trace

Execution trace showing the sequence of steps an AIP Agent took to generate a response, including context retrieval and tool calls.
Palantir Log File

An audit log file containing security and compliance events from Palantir Foundry.
Palantir Audit Event

Individual security and compliance event from Palantir Foundry audit logs, tracking who did what, when, and where.
Palantir Authentication Provider

Authentication provider configuration for Palantir Foundry user login (SAML or OIDC).
Palantir Organization Role

A role that can be assigned to principals for Palantir Organizations. Roles are sets of permissions that grant different levels of access.

How Palantir AIP governance works in Rencore

Rencore connects to Palantir AIP via the Palantir API and inventories ontology objects, datasets, users, roles, and resources. Policies run on every scan cycle and evaluate each resource against governance rules, flagging access control, security, and operational issues.

Who uses Palantir AIP governance

CISOs use it to audit ontology access controls and enforce least-privilege principles. Heads of IT track resource utilization and identify capacity optimization opportunities. CIOs use the reports alongside other AI platform data for their enterprise AI governance view.

Getting started

Provide Rencore with Palantir API credentials. All 14 policies activate on first scan, covering ontology objects, users, roles, and resources automatically.

Policies

14 governance rules that detect violations and risks.

Severity Category

Disabled Authentication Provider

Identifies Palantir Foundry authentication providers that are disabled, which may block user login or indicate a configuration gap in the identity infrastructure

High Security
Organization without Security Marking

Identifies Palantir organizations that have no security marking assigned, leaving data without an access classification boundary

High Security
Deleted User Retains Group Membership

Flags deleted Palantir users who still hold group memberships, which can grant indirect access to markings, spaces, and resources

High User Offboarding
Unused AIP Agent (90 days)

Flags Palantir AIP Agents with no user sessions in the last 90 days as candidates for cleanup to reduce environment sprawl

Medium Sprawl
Trashed Project Pending Cleanup (30 days)

Identifies projects that have been in the trash for more than 30 days and are candidates for permanent deletion

Medium Sprawl
Project Not Linked to Organization

Flags active Palantir projects that have no organizational association, leaving them outside any defined access control boundary

Medium Operation
Active user without organization role

Detects active Palantir users who have no explicit organization role assignment

Medium Security
Marking without description

Detects Palantir security markings that lack a description documenting their purpose

Medium Operation
Organization without active users

Detects Palantir organizations that have no active user members

Medium Sprawl
Agent Missing Description

Flags AIP Agents without a description, making governance, impact assessment, and cleanup reviews more difficult

Low Operation
Project with No Recent Activity (90 days)

Identifies active Palantir projects not updated in 90 days as candidates for archival or review

Low Sprawl
Marking without Category

Flags Palantir security markings that are not associated with any marking category, reducing governance clarity for access control classification

Low Operation
Group without active members

Detects Palantir security groups with no user members

Low Sprawl
Space without projects

Detects Palantir spaces that contain no projects

Low Sprawl

Need a rule that isn't listed? Rencore's Policy Builder lets you create custom policies tailored to your organization. Learn more about the Policy Builder

Reports

9 analytics views and dashboards.

Users by Status

Distribution of Palantir Foundry users by account status (ACTIVE vs DELETED)

Donut Chart · Adoption
Projects per Space

Number of active projects in each Palantir Foundry space

Bar Chart · Adoption
Active Users per Organization

Number of active Palantir users per organization

Bar Chart · Adoption
Agent Sessions by Agent

Number of conversation sessions per Palantir AIP Agent, showing which agents are most actively used

Bar Chart · Adoption
Total Tokens Used per Session

Total LLM token consumption per agent session, identifying the most resource-intensive conversations

Bar Chart · Adoption
Weekly Agent Session Trend (90 days)

Weekly count of Palantir AIP Agent conversations over the last 90 days to track adoption and usage trends

Column Chart · Adoption
Audit Events by Category

Count of Palantir Foundry audit events grouped by event category (e.g. dataExport, userLogin, authorizationCheck)

Column Chart · Operation
Groups per Instance

Number of security groups in each Palantir Foundry instance

Bar Chart · Operation
Markings per Category

Distribution of Palantir security markings across marking categories

Donut Chart · Operation

Segments

11 data groupings for targeted filtering.

Deleted Palantir Users

All user accounts in Palantir Foundry with a DELETED status
Active Users without Group Membership

Active Palantir users who are not a member of any group
All AIP Agents

All AI agents created in Palantir AIP Agent Studio
Disabled Authentication Providers

SSO authentication providers configured in Palantir Foundry that are currently disabled
Trashed Projects

Palantir Foundry projects that have been directly moved to the trash
Recently Created Projects (30 days)

Palantir Foundry projects created within the last 30 days
Mandatory Marking Categories

Palantir Foundry marking categories that enforce mandatory access control (all markings must be satisfied)
CBAC Marking Categories

Palantir Foundry marking categories using capability-based access control (any marking satisfies access)
Spaces without Projects

Palantir Foundry spaces that do not contain any projects
Active Palantir Users

All user accounts in Palantir Foundry with an ACTIVE status
Failed Audit Events

Palantir Foundry audit events where the action resulted in a failure

Frequently asked questions

Does Rencore support governance for AI tools beyond Microsoft Copilot?

Yes. Rencore connects to Claude, OpenAI, Gemini, GitHub Copilot, Cursor, Windsurf, AWS Bedrock, Azure AI Foundry, and other AI platforms. Each connector provides tailored policies for cost management, security, adoption tracking, and access control, giving IT a unified governance view across all AI tools the organization uses.

What is Rencore governance?

Rencore governance is a SaaS platform that continuously monitors your Microsoft 365 tenant for policy violations, configuration drift, and security risks across SharePoint, Teams, Power Platform, Copilot, and AI Agents. It automates compliance evidence collection, surfaces oversharing and sprawl, and provides actionable remediation workflows, reducing manual audit effort by up to 80%.

How do Rencore policies work?

Rencore ships with hundreds of pre-built policies that detect governance violations across every connector, oversharing, sprawl, cost overruns, security risks, and compliance gaps. Policies run on a continuous schedule, evaluate each discovered object against configurable rules, and flag violations with severity (High, Medium, Low), category, and a recommended action.

Trusted by