Nimi Website

Client

Natoma

A Top 10 Auto-Rewards Fintech Platform in the U.S.

A Leading U.S. Health-Benefits Fintech Provider

Year

2023-2026

Scope of work

Enterprise Integrations

From Identity Security to Agentic AI Infrastructure - Building the Integrations That Helped Natoma Scale to a Snowflake Acquisition

A multi-phase engagement — spanning enterprise identity and access integrations through to production-ready MCP servers for platforms like Coupa and ServiceNow.

View live website →

Confidentiality Notice : The client’s actual name, brand identifiers, and sensitive product details have been intentionally redacted to protect privacy and uphold confidentiality.

Company Overview

The control layer for enterprise AI agents.

Natoma is an AI infrastructure and security company that helps enterprises build, govern, and scale AI agents across complex technology stacks. Founded in 2024, Natoma set out to solve one of the hardest unsolved problems in enterprise AI: how do you let AI agents safely access the tools, data, and applications they need — without sacrificing security, auditability, or control?

Their platform became the answer to a question every enterprise was starting to ask: as AI agents move from pilots into production, who governs what they can see, do, and access? Natoma built the centralized control layer — enforcing identity, policy, and audit at the tool-call level through the emerging Model Context Protocol (MCP) standard.

Nimi Solutions partnered with Natoma across multiple phases of growth — beginning with enterprise identity and access integrations, and later expanding into production-ready MCP integrations for platforms including Coupa and ServiceNow. The platform was already deployed at some of the world's largest enterprises, delivering the scale, visibility, and policy enforcement required to securely operate agentic systems in production.

In May 2026, Snowflake signed a definitive agreement to acquire Natoma — extending Snowflake's governance perimeter from data assets to AI-driven actions and workflows across the enterprise. A direct validation of both the product's strategic importance and the size of the problem it was built to solve.

Outcome · May 2026

Natoma → Snowflake

Snowflake signed a definitive agreement to acquire Natoma — bringing its Enterprise MCP platform in as a natively integrated governance and identity layer for AI.

Why this work matters

The challenge isn't intelligence anymore — it's governance.

96%

of organizations still face significant challenges scaling AI across the enterprise.

Snowflake research

The rise of agentic AI has created a new category of enterprise risk that most organizations are unprepared for. AI agents can now autonomously query databases, execute workflows, trigger approvals, and act across dozens of enterprise systems. The challenge isn't intelligence anymore — it's governance.

Snowflake's own research found that 96% of organizations still face significant challenges scaling AI across the enterprise. MCP has introduced new challenges around fragmented governance, shadow AI, and increased data exfiltration risk as agents connect across systems. Snowflake's acquisition of Natoma was a direct response to this gap.

The work Nimi Solutions delivered sits at the heart of this. By building the integrations that connected Natoma's platform to real enterprise systems, we helped translate a powerful security vision into working infrastructure — the kind enterprise customers could trust, audit, and rely on in production.

Phase 01

Enterprise Identity & Access Integrations

Before MCP became the dominant paradigm for AI agent connectivity, the foundational challenge was simpler and just as hard: gaining comprehensive, reliable visibility into who — and what — has access to what across an enterprise environment. Non-human identities (service accounts, API keys, OAuth tokens, machine credentials) had proliferated without centralized oversight.

Nimi Solutions worked directly alongside Natoma's engineering team to design and build the integrations that gave the platform its data foundation: connecting to critical enterprise platforms and reliably extracting the identity, permission, and activity information needed for meaningful security analysis.

Platforms integrated

Enterprise platforms connected in Phase 01

Connected platforms

Google Workspace Azure AD Salesforce Snowflake GitHub GitLab Splunk

The Challenge

Target Audience

Our challenge was clear

Diverse Authentication Mechanisms

Every enterprise platform had a different security model. OAuth 2.0, OIDC, API keys, client credentials, service accounts, proprietary auth; each required a purpose-built approach while the user-facing experience stayed consistent

Inconsistent APIs and Data Structures

Users, roles, permissions, groups, and audit logs were organized differently on every platform. Some offered comprehensive APIs; others exposed only partial access. Standardizing data collection across providers required significant platform-by-platform analysis

Fitting Into an Existing Framework

Natoma had already built reusable integration patterns and adapters. New integrations had to align with this architecture while still accommodating each provider's unique characteristics, balancing reuse with the flexibility that real-world APIs demand.

Audit Log Variability

Audit and activity data was among the most valuable inputs for the platform, but availability varied enormously. Dedicated audit APIs, event streams, webhooks, limited logging; each platform required a tailored strategy to extract maximum value.

Connecting enterprise, securely

The Nimi Solution

Seven enterprise platforms. One unified integration framework.

Nimi's team embedded directly with Natoma engineers to ship integrations for seven enterprise platforms — and across each one, the work ran deep.

Platforms integrated

Google Workspace

Azure AD

Microsoft Entra ID

Salesforce

Snowflake

GitHub

GitLab

Splunk

Google Workspace

Azure AD

Microsoft Entra ID

Salesforce

Snowflake

GitHub

GitLab

Splunk

Across each platform, the work covered

Secure authentication flows

OAuth 2.0, OIDC, API keys, and client credentials — implemented per platform's security model.

Identity metadata retrieval

Pulling user and identity data from each platform into a unified data model.

Roles & permissions

Collecting roles, permission structures, and group memberships across every connected system.

Audit & activity logs

Gathering available audit and activity data from each platform's logging surface.

Service account discovery

Surfacing service accounts and access tokens that previously went unmonitored.

Reusable framework patterns

Contributing patterns back to Natoma's integration framework for future platform expansion.

Phase 02

Enterprise MCP Integrations

By 2025, MCP had emerged as the standard protocol for connecting AI agents to enterprise systems. For Natoma, this opened a new and urgent opportunity: building the production-ready MCP servers that would let AI agents interact with enterprise applications safely and predictably.

Natoma's goal was to become the governance and connectivity layer between AI agents and the enterprise tools companies rely on most. Nimi Solutions was brought in to design and deliver MCP integrations for two major platforms — Coupa and ServiceNow — each a completely different integration challenge.

MCP servers delivered

Production-ready MCP servers built in Phase 02

Platforms connected

Coupa ServiceNow Streamable HTTP stdio NestJS MCP SDK

The Challenge

Target Audience

Our challenge was clear

A Rapidly Evolving Protocol

MCP was new, and its standards were still evolving. Building production-grade integrations required rapidly learning the protocol's transport models, tool patterns, and AI interaction conventions; while shipping working software on an enterprise timeline.

Two Platforms, Two Completely Different Problems

Coupa required a full MCP server built from scratch. ServiceNow required modernizing and adapting an existing open-source implementation. No shared playbook existed; each needed its own architectural approach.

Enterprise Deployment Expectations

Enterprise environments required support for both Streamable HTTP and stdio MCP transport models and consistent, predictable tool behavior across both deployment scenarios.

Authentication Without Ownership

The integrations needed to forward OAuth bearer tokens per request; without holding, managing, or refreshing them. This stateless model preserved enterprise security boundaries while still enabling secure, authenticated connectivity.

Making Enterprise APIs AI-Friendly

Raw enterprise APIs were built for human-facing workflows, not AI consumption. Inconsistent schemas, complex filtering patterns, and multi-step processes had to be abstracted into clean, predictable MCP tools that AI agents could use reliably.

Book a Call with Nimi →View live Website →

The Nimi Solution

Two platforms. Two completely different builds. One framework.

Nimi Solutions designed and delivered production-ready MCP integrations for Coupa and ServiceNow — each requiring its own architectural approach, shipped to enterprise standards.

What we built

Coupa MCP Server — Built from Scratch

Designed and implemented a fully custom MCP server for Coupa using NestJS and the official MCP SDK, exposing procurement, supplier, requisition, invoice, and purchase order workflows through structured, AI-optimized MCP tools.

ServiceNow MCP Modernization

Refactored an existing open-source ServiceNow MCP implementation to support stateless Streamable HTTP architecture and enterprise-compatible authentication patterns — transforming a prototype into a production-ready integration.

Stateless Authentication Architecture

Implemented a secure model where OAuth lifecycle management stays external while MCP servers forward bearer tokens per request — compatible with enterprise OAuth ownership patterns, without introducing server-side credential storage.

Multi-Transport Support

Delivered compatibility across both Streamable HTTP and stdio MCP transport models, ensuring the integrations could be deployed across different enterprise AI environments without rework.

Provider-Based Architecture

Designed the Coupa MCP server with a provider pattern that allows seamless switching between mock data environments and live Coupa API integrations — without changing any MCP tool behavior, accelerating development, testing, and deployment.

AI-Optimized Tooling

Translated complex enterprise workflows — approvals, ticketing, procurement, supplier management — into consistent, structured MCP tools that AI agents could invoke reliably and predictably.

Immersive Gameplay Experience

We designed an immersive user experience for four game types — Wolf, Nassau, Round Robin, and Skins. Our team integrated GHIN APIs to deliver real-time data on golf course layouts, handicaps, and game performance, allowing users to see their progress and location on the course.

Real-Time Scorecard System

Our redesigned scorecard feature eliminates the need for paper scorekeeping. With real-time updates, users can track their scores effortlessly. We ensured the UI was clean, with minimal distractions, allowing users to focus on the game and enjoy their experience with friends.

Testimonials

Client success story

''thank you for all of your help, support and partnership! We love Nimi''

Will Potter

engineering, ai, data, security @ snowflake

Ready to Turn Your App Vision into Reality?

Partner with a team of skilled experts to bring your app ideas to life. From concept to launch, we deliver robust apps with cutting-edge features, fully tailored to your business needs.

Let’s build something exceptional together.

Book a Call with Nimi

From Identity Security to Agentic AI Infrastructure - Building the Integrations That Helped Natoma Scale to a Snowflake Acquisition

The control layer for enterprise AI agents.

The challenge isn't intelligence anymore — it's governance.

Enterprise Identity & Access Integrations

Seven enterprise platforms. One unified integration framework.

Enterprise MCP Integrations

Two platforms. Two completely different builds. One framework.

Testimonials

Client success story

Ready to Turn Your App Vision into Reality?

Follow Us

Headquarters

Headquarters

Follow Us

Headquarters