|
| 1 | +--- |
| 2 | +title: Enterprise |
| 3 | +description: Enterprise features for organizations with advanced security and compliance requirements |
| 4 | +--- |
| 5 | + |
| 6 | +import { Callout } from 'fumadocs-ui/components/callout' |
| 7 | + |
| 8 | +Sim Studio Enterprise provides advanced features for organizations with enhanced security, compliance, and management requirements. |
| 9 | + |
| 10 | +--- |
| 11 | + |
| 12 | +## Bring Your Own Key (BYOK) |
| 13 | + |
| 14 | +Use your own API keys for AI model providers instead of Sim Studio's hosted keys. |
| 15 | + |
| 16 | +### Supported Providers |
| 17 | + |
| 18 | +| Provider | Usage | |
| 19 | +|----------|-------| |
| 20 | +| OpenAI | Knowledge Base embeddings, Agent block | |
| 21 | +| Anthropic | Agent block | |
| 22 | +| Google | Agent block | |
| 23 | +| Mistral | Knowledge Base OCR | |
| 24 | + |
| 25 | +### Setup |
| 26 | + |
| 27 | +1. Navigate to **Settings** → **BYOK** in your workspace |
| 28 | +2. Click **Add Key** for your provider |
| 29 | +3. Enter your API key and save |
| 30 | + |
| 31 | +<Callout type="warn"> |
| 32 | + BYOK keys are encrypted at rest. Only organization admins and owners can manage keys. |
| 33 | +</Callout> |
| 34 | + |
| 35 | +When configured, workflows use your key instead of Sim Studio's hosted keys. If removed, workflows automatically fall back to hosted keys. |
| 36 | + |
| 37 | +--- |
| 38 | + |
| 39 | +## Single Sign-On (SSO) |
| 40 | + |
| 41 | +Enterprise authentication with SAML 2.0 and OIDC support for centralized identity management. |
| 42 | + |
| 43 | +### Supported Providers |
| 44 | + |
| 45 | +- Okta |
| 46 | +- Azure AD / Entra ID |
| 47 | +- Google Workspace |
| 48 | +- OneLogin |
| 49 | +- Any SAML 2.0 or OIDC provider |
| 50 | + |
| 51 | +### Setup |
| 52 | + |
| 53 | +1. Navigate to **Settings** → **SSO** in your workspace |
| 54 | +2. Choose your identity provider |
| 55 | +3. Configure the connection using your IdP's metadata |
| 56 | +4. Enable SSO for your organization |
| 57 | + |
| 58 | +<Callout type="info"> |
| 59 | + Once SSO is enabled, team members authenticate through your identity provider instead of email/password. |
| 60 | +</Callout> |
| 61 | + |
| 62 | +--- |
| 63 | + |
| 64 | +## Self-Hosted |
| 65 | + |
| 66 | +For self-hosted deployments, enterprise features can be enabled via environment variables: |
| 67 | + |
| 68 | +| Variable | Description | |
| 69 | +|----------|-------------| |
| 70 | +| `SSO_ENABLED`, `NEXT_PUBLIC_SSO_ENABLED` | Single Sign-On with SAML/OIDC | |
| 71 | +| `CREDENTIAL_SETS_ENABLED`, `NEXT_PUBLIC_CREDENTIAL_SETS_ENABLED` | Polling Groups for email triggers | |
| 72 | + |
| 73 | +<Callout type="warn"> |
| 74 | + BYOK is only available on hosted Sim Studio. Self-hosted deployments configure AI provider keys directly via environment variables. |
| 75 | +</Callout> |
0 commit comments