Connecting to databases (JDBC)
With the Celonis Platform you can connect to a number of SQL databases via a JDBC connector.
For an overview of commonly supported databases and their features, see: Supported database connections.
Database connection types
The following connection types between databases and the Celonis Platform are available:
Direct connection: Use this when you want to allow the Celonis Platform to directly access your database.
For more information about direct database connections, see: Connecting to a database
Uplinked connection via an on-premise extractor: Use this when you don't want to or can't allow the Celonis Platform to directly access your database. The connection is then established using an on-premise extractor, allowing you to continuously fetch data from your database and send it to the Celonis Platform.
The role of the extractor is to poll and fetch job requests from the Celonis Platform, before then submitting the execution information the the database via an SQL query. Once the data is retrieved from the database, the extractor fetches it and sends it back to the Celonis Platform. As such, the connection between the database and the Celonis Platform is always made by the extractor, with it continously quering the Celonis Platform for any extractions to execute.
For more information about uplinked database connections, see: Connecting to a database
In many cases, you can connect to these databases just using the extractor provided by Celonis, however there some that require you to download the JDBC connector or driver from the database provider. In these cases, consider the below connection types:
Connecting using a custom JDBC string: You can connect to your database using a custom JDBC string, allowing you to extend the settings offered by our extractor builder. This is useful for when you want to configure SSL, add certificates, or use .jks files for your database connection.
To learn how to connect to your database using a custom JDBC string, see: Using custom JDBC string.
Connecting using a custom JDBC driver: You can connect to your database using a custom JDBC driver, allowing you to extend the settings offered by our extractor builder. This requires you to use an uplinked connection (using an on-premise extractor), with the custom driver being supplied by you.
To learn how to connect to your database using a custom JDBC driver, see: Using custom JDBC driver.
Accessing the JDBC extractor package
The JDBC extractor is available to download from the Celonis Download portal for users with MANAGE DOWNLOAD PORTAL permissions in their Celonis Platform team.
With the necessary permissions, you can access the Download Portal by clicking Admin & Settings and then clicking Download Portal:
 |
Once in the Download Portal, you'll find the latest versions of the JDBC extractor:
 |
When connecting your database to the Celonis Platform, the following security considerations apply:
Communication protocol: The extractor server connects to the Celonis Platform for data extraction (full load or delta load) HTTPS encrypted via TLS 1.2, port 443.
Encryption protocol: The TLS 1.2 protocol is used for encryption.
Encryption in transit: This is primarily handled by the JDBC driver issued from the database provider, so further information should be available in their respective official documentation. For most databases, this can be activated by adding a JDBC connection parameter (for example: encrypt=true) when configuring the data connection in the Celonis Platform.
For some databases, such as Snowflake, the in-transit encryption is automatically enforced by the database server and doesn't need to be configured.
Data pseudonymization: Pseudonymization is handled by the extractor before the data is written to parquet files and inserted into the Celonis Platform.
Direct database connections: This happens when the files are sent to the cloud.
Uplinked connections: This happens on-premise on the extractor server.
Credential storage: Username and password information is converted to a byte array and encrypted with a tenant specific ID.