Merge branch 'main' into regenerate-api-inference-docs

Author: Wauplin

docs/hub/_toctree.yml

@@ -279,6 +279,10 @@
         title: Tabby on Spaces
       - local: spaces-sdks-docker-giskard
         title: Giskard on Spaces
+      - local: spaces-sdks-docker-evidence
+        title: Evidence on Spaces
+      - local: spaces-sdks-docker-marimo
+        title: marimo on Spaces
   - local: spaces-embed
     title: Embed your Space
   - local: spaces-run-with-docker
@@ -321,27 +325,27 @@
       title: Organization Cards
     - local: organizations-security
       title: Access Control in Organizations
-    - local: enterprise-hub
-      title: Enterprise Hub
-      sections:
-      - local: enterprise-sso
-        title: Single Sign-On (SSO)
-      - local: audit-logs
-        title: Audit Logs
-      - local: storage-regions
-        title: Storage Regions
-      - local: enterprise-hub-datasets
-        title: Dataset viewer for Private datasets
-      - local: enterprise-hub-resource-groups
-        title: Resource Groups (Access Control)
-      - local: advanced-compute-options
-        title: Advanced Compute Options
-      - local: enterprise-hub-advanced-security
-        title: Advanced Security
-      - local: enterprise-hub-tokens-management
-        title: Tokens Management
-      - local: enterprise-hub-analytics
-        title: Analytics
+  - local: enterprise-hub
+    title: Enterprise Hub
+    sections:
+    - local: enterprise-sso
+      title: Single Sign-On (SSO)
+    - local: audit-logs
+      title: Audit Logs
+    - local: storage-regions
+      title: Storage Regions
+    - local: enterprise-hub-datasets
+      title: Dataset viewer for Private datasets
+    - local: enterprise-hub-resource-groups
+      title: Resource Groups (Access Control)
+    - local: advanced-compute-options
+      title: Advanced Compute Options
+    - local: enterprise-hub-advanced-security
+      title: Advanced Security
+    - local: enterprise-hub-tokens-management
+      title: Tokens Management
+    - local: enterprise-hub-analytics
+      title: Analytics
   - local: billing
     title: Billing
   - local: security

docs/hub/advanced-compute-options.md

@@ -1,15 +1,28 @@
 # Advanced Compute Options
 
-Enterprise Hub organizations gain access to advanced compute options to accelerate their machine learning journey.
-
 <Tip warning={true}>
-This feature is part of the <a href="https://huggingface.co/enterprise" target="_blank">Enterprise Hub</a>.
+This feature is part of the <a href="https://huggingface.co/enterprise">Enterprise Hub</a>.
 </Tip>
 
+Enterprise Hub organizations gain access to advanced compute options to accelerate their machine learning journey.
+
 ## Host ZeroGPU Spaces in your organization
 
 ZeroGPU is a dynamic GPU allocation system that optimizes AI deployment on Hugging Face Spaces. By automatically allocating and releasing NVIDIA A100 GPUs (40GB VRAM) as needed, organizations can efficiently serve their AI applications without dedicated GPU instances.
 
+<div class="flex justify-center" style="max-width: 550px">
+  <img
+    class="block dark:hidden !m-0"
+    src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/advanced-compute-options-zero.png"
+    alt="screenshot of Hugging Face Advanced Compute Options (ZeroGPU)"
+  />
+  <img
+    class="hidden dark:block !m-0"
+    src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/dark-advanced-compute-options-zero.png"
+    alt="screenshot of Hugging Face Advanced Compute Options (ZeroGPU)"
+  />
+</div>
+
 **Key benefits for organizations**
 
 - **Free GPU Access**: Access powerful NVIDIA A100 GPUs at no additional cost through dynamic allocation

docs/hub/audit-logs.md

@@ -1,12 +1,23 @@
 # Audit Logs
 
 <Tip warning={true}>
-This feature is part of the <a href="https://huggingface.co/enterprise" target="_blank">Enterprise Hub</a>.
+This feature is part of the <a href="https://huggingface.co/enterprise">Enterprise Hub</a>.
 </Tip>
 
 Audit Logs enable organization admins to easily review actions taken by members, including organization membership, repository settings and billing changes.
 
-![](https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/audit-logs.png)
+<div class="flex justify-center" style="max-width: 550px">
+  <img
+    class="block dark:hidden !m-0"
+    src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/audit-logs.png"
+    alt="screenshot of Hugging Face Audit Logs feature"
+  />
+  <img
+    class="hidden dark:block !m-0"
+    src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/dark-audit-logs.png"
+    alt="screenshot of Hugging Face Audit Logs feature"
+  />
+</div>
 
 ## Accessing Audit Logs
 

docs/hub/enterprise-hub-advanced-security.md

@@ -1,12 +1,12 @@
 # Advanced Security
 
 <Tip warning={true}>
-This feature is part of the <a href="https://huggingface.co/enterprise" target="_blank">Enterprise Hub</a>.
+This feature is part of the <a href="https://huggingface.co/enterprise">Enterprise Hub</a>.
 </Tip>
 
 Enterprise Hub organizations can improve their security with advanced security controls for both members and repositories.
 
-<div class="flex justify-center">
+<div class="flex justify-center" style="max-width: 550px">
     <img class="block dark:hidden !m-0" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/advanced-security.png" alt="screenshot of the Dataset Viewer on a private dataset owned by an Enterprise Hub organization."/>
     <img class="hidden dark:block !m-0" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/advanced-security-dark.png" alt="screenshot of the Dataset Viewer on a private dataset owned by an Enterprise Hub organization."/>
 </div>

docs/hub/enterprise-hub-analytics.md

@@ -1,14 +1,14 @@
 # Analytics
 
 <Tip warning={true}>
-This feature is part of the <a href="https://huggingface.co/enterprise" target="_blank">Enterprise Hub</a>.
+This feature is part of the <a href="https://huggingface.co/enterprise">Enterprise Hub</a>.
 </Tip>
 
 ## Analytics Dashboard
 
 Track all your repository activity with a detailed downloads overview that shows total downloads for all your Models and Datasets. Toggle between "All Time" and "Last Month" views to gain insights into your repository's downloads over different periods.
 
-<div class="flex justify-center">
+<div class="flex justify-center" style="max-width: 550px">
 <img class="block dark:hidden !m-0" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise-analytics.png" alt="screenshot of the Dataset Viewer on a private dataset owned by an Enterprise Hub organization."/>
 <img class="hidden dark:block !m-0" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise-analytics-dark.png" alt="screenshot of the Dataset Viewer on a private dataset owned by an Enterprise Hub organization."/>
 </div>

docs/hub/enterprise-hub-datasets.md

@@ -1,14 +1,14 @@
 # Datasets
 
 <Tip warning={true}>
-This feature is part of the <a href="https://huggingface.co/enterprise" target="_blank">Enterprise Hub</a>.
+This feature is part of the <a href="https://huggingface.co/enterprise">Enterprise Hub</a>.
 </Tip>
 
-The Dataset Viewer is enabled on private datasets owned by an Enterprise Hub organization. 
+The Dataset Viewer is enabled on private datasets owned by an Enterprise Hub organization.
 
 The Dataset Viewer allows teams to understand their data and to help them build better data processing and filtering for AI. The Viewer allows to explore the datasets content, inspect data distributions, filter by values and even search for keywords. It also includes the datasets conversion to Parquet which can be used for programmatic data visualization.
 
-See [Dataset Viewer](./datasets-viewer) for more information.
+[More information about the Dataset Viewer →](./datasets-viewer)
 
 <div class="flex justify-center">
 <img class="block dark:hidden" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/private-dataset-viewer.png" alt="screenshot of the Dataset Viewer on a private dataset owned by an Enterprise Hub organization."/>

docs/hub/enterprise-hub-resource-groups.md

@@ -1,9 +1,32 @@
 # Resource groups
 
 <Tip warning={true}>
-This feature is part of the <a href="https://huggingface.co/enterprise" target="_blank">Enterprise Hub</a>.
+This feature is part of the <a href="https://huggingface.co/enterprise">Enterprise Hub</a>.
 </Tip>
 
-Resource Groups allow Enterprise Hub organizations to enforce fine-grained access control to their repositories.
+Resource Groups allow organizations to enforce fine-grained access control to their repositories.
 
-Read the [documentation for Resource Groups under the Security section](./security-resource-groups).
+<div class="flex justify-center" style="max-width: 550px">
+  <img
+    class="block dark:hidden !m-0"
+    src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/resource-groups.png"
+    alt="screenshot of Hugging Face Single Sign-On (SSO) feature"
+  />
+  <img
+    class="hidden dark:block !m-0"
+    src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/dark-resource-groups.png"
+    alt="screenshot of Hugging Face Single Sign-On (SSO) feature"
+  />
+</div>
+
+This feature allows organization administrators to:
+
+- Group related repositories together for better organization
+- Control member access at a group level rather than individual repository level
+- Assign different permission roles (read, contributor, write, admin) to team members
+- Keep private repositories visible only to authorized group members
+- Enable multiple teams to work independently within the same organization
+
+This Enterprise Hub feature helps organizations manage complex team structures and maintain proper access control over their repositories.
+
+[Getting started with Resource Groups →](./security-resource-groups)

docs/hub/enterprise-hub-tokens-management.md

@@ -1,59 +1,54 @@
 # Tokens Management
 
 <Tip warning={true}>
-This feature is part of the <a href="https://huggingface.co/enterprise" target="_blank">Enterprise Hub</a>.
+This feature is part of the <a href="https://huggingface.co/enterprise">Enterprise Hub</a>.
 </Tip>
 
-Tokens Management allows organization administrators to control access tokens within their organization, ensuring that only authorized users have access to organization resources.
-
+Tokens Management enables organization administrators to oversee access tokens within their organization, ensuring secure access to organization resources.
 
 ## Viewing and Managing Access Tokens
 
-The token listing feature provides a view of all access tokens within your organization. Administrators can:
+The token listing feature displays all access tokens within your organization. Administrators can:
 
 - Monitor token usage and identify or prevent potential security risks:
-  - unauthorized access to private resources ("leak")
-  - scopes of access that are too wide
-  - improvable token hygienics (tokens that have not been rotated in a long time, for example) 
-- Identify inactive or unused tokens that can be revoked
+  - Unauthorized access to private resources ("leaks")
+  - Overly broad access scopes
+  - Suboptimal token hygiene (e.g., tokens that have not been rotated in a long time)
+- Identify and revoke inactive or unused tokens
 
 <div class="flex justify-center">
     <img class="block dark:hidden" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/tokens-management-list.png" />
     <img class="hidden dark:block" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/tokens-management-list-dark.png" />
 </div>
 
-
-Fine-grained tokens can be reviewed to see their permissions:
+Fine-grained tokens display their specific permissions:
 
 <div class="flex justify-center">
     <img class="block dark:hidden" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/tokens-management-detail.png" />
     <img class="hidden dark:block" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/tokens-management-detail-dark.png" />
 </div>
 
+## Token Policy
 
-## Token policy
-
-With Tokens Management, Enterprise org admins can decide which of the following policies they want to enforce:
-
-| **Policy** | **Unscoped (Read/Write) Access Tokens** | **Fine-Grained Tokens** |
-| --- | --- | --- |
-| **Allow access via User Access Tokens (default)** | Authorized | Authorized |
-| **Only access via fine-grained tokens** | Unauthorized | Authorized |
-| **Do not require administrator approval** | Unauthorized | Authorized |
-| **Require administrator approval** | Unauthorized | Unauthorized without an approval (except for admin-created) |
+Enterprise organization administrators can enforce the following policies:
 
+| **Policy**                                        | **Unscoped (Read/Write) Access Tokens** | **Fine-Grained Tokens**                                     |
+| ------------------------------------------------- | --------------------------------------- | ----------------------------------------------------------- |
+| **Allow access via User Access Tokens (default)** | Authorized                              | Authorized                                                  |
+| **Only access via fine-grained tokens**           | Unauthorized                            | Authorized                                                  |
+| **Do not require administrator approval**         | Unauthorized                            | Authorized                                                  |
+| **Require administrator approval**                | Unauthorized                            | Unauthorized without an approval (except for admin-created) |
 
 <div class="flex justify-center">
     <img class="block dark:hidden" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/tokens-management-policy.png" />
     <img class="hidden dark:block" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/tokens-management-policy.png" />
 </div>
 
-
 ## Reviewing Token Authorization
 
-When your token policy is set to "Require administrator approval", organization administrators can view the details of all fine-grained tokens with access to resources owned by the organization. They can also revoke access to those tokens. Organization administrators will receive an email when an authorization is requested for a fine-grained token.
+When token policy is set to "Require administrator approval", organization administrators can review details of all fine-grained tokens accessing organization-owned resources and revoke access if needed. Administrators receive email notifications for token authorization requests.
 
-When a token is revoked or denied, the user who created the token will receive an email notification.
+When a token is revoked or denied, the user who created the token receives an email notification.
 
 <div class="flex justify-center">
     <img class="block dark:hidden" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/hub/tokens-management-review.png" />

docs/hub/enterprise-hub.md

@@ -1,12 +1,19 @@
 # Enterprise Hub
 
+<Tip>
+<a href="https://huggingface.co/enterprise" target="_blank">Subscribe to Enterprise Hub</a> to get access to advanced features for your organization.
+</Tip>
+
 Enterprise Hub adds advanced capabilities to organizations, enabling safe, compliant and managed collaboration for companies and teams on Hugging Face.
 
-![](https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/enterprise-hub.png)
+<a href="https://huggingface.co/enterprise" class="flex justify-center">
+    <img class="block dark:hidden" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/enterprise-header.png" />
+    <img class="hidden dark:block" src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/dark-enterprise-header.png" />
+</a>
 
 In this section we will document the following Enterprise Hub features:
 
-- [SSO](./enterprise-sso)
+- [Single Sign-On (SSO)](./enterprise-sso)
 - [Audit Logs](./audit-logs)
 - [Storage Regions](./storage-regions)
 - [Dataset viewer for Private datasets](./enterprise-hub-datasets)

docs/hub/enterprise-sso.md

@@ -1,7 +1,32 @@
 # Single Sign-On (SSO)
 
 <Tip warning={true}>
-This feature is part of the <a href="https://huggingface.co/enterprise" target="_blank">Enterprise Hub</a>.
+This feature is part of the <a href="https://huggingface.co/enterprise">Enterprise Hub</a>.
 </Tip>
 
-Read the [documentation for SSO under the Security section](./security-sso).
+Single sign-on (SSO) allows organizations to securely manage user authentication through their own identity provider (IdP). Both SAML 2.0 and OpenID Connect (OIDC) protocols are supported.
+
+<div class="flex justify-center" style="max-width: 550px">
+  <img
+    class="block dark:hidden !m-0"
+    src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/SSO.png"
+    alt="screenshot of Hugging Face Single Sign-On (SSO) feature"
+  />
+  <img
+    class="hidden dark:block !m-0"
+    src="https://huggingface.co/datasets/huggingface/documentation-images/resolve/main/enterprise/dark-SSO.png"
+    alt="screenshot of Hugging Face Single Sign-On (SSO) feature"
+  />
+</div>
+
+This feature allows organizations to:
+
+- Enforce mandatory authentication through your company's IdP
+- Automatically manage user access and roles based on your IdP attributes
+- Support popular providers like Okta, OneLogin, and Azure Active Directory
+- Maintain security while allowing external collaborators when needed
+- Control session timeouts and role mappings
+
+This Enterprise Hub feature helps organizations maintain consistent security policies while giving their teams seamless access to Hugging Face resources.
+
+[Getting started with SSO →](./security-sso)