FEATURES
Everything you control, from pilot to enterprise
Scale limits, security controls, integrations, and governance — modeled cleanly so it can be enforced consistently.
Core scale limits (counts)
Platform: Max tenants
Prevents cheap license abuse / runaway growth.
Tenant: Max environments
Natural isolation and pricing lever.
Environment: Max applications
Direct revenue driver.
Application: Max app users
Primary SaaS metric.
Application: Max roles
Controls RBAC complexity.
Application: Max privileges
Prevents RBAC explosion.
Tenant: Max tenant users
Controls admin sprawl.
Identity & security controls
Platform: MFA supported
Global capability gate.
Platform: MFA methods allowed
TOTP / SMS / Email controls.
Tenant: MFA required
Tenant policy enforcement.
Tenant: TOTP enabled
Preferred secure + low cost.
Tenant: SMS MFA allowed
Cost driver / premium feature.
Tenant: Email MFA allowed
Low-cost fallback.
Application: App-level MFA override
Enterprise feature granularity.
Application: Password-only users allowed
Low-tier convenience.
API & integration controls
REST API access
Core developer value.
gRPC / RPC entitlements
High performance / embedded usage.
External webhooks (events)
Integrations and automation.
Audit log export
Compliance + security operations.
SCIM / bulk provisioning
Enterprise identity lifecycle.
Rate limits (API / RPC)
Protects infra and prevents abuse.
Operational & governance controls
Data retention period
Compliance and cost control.
Audit log depth
Enterprise buyers ask for it.
Soft-delete retention
Ops recovery and safety.
Backup frequency (SaaS)
SLA tiers.
SSO enforcement (tenant-wide)
Security posture.
IP allowlisting
Enterprise hardening.
Custom domains
Branding and trust.
Custom JWT claims
Advanced app integration.
Token lifetime control
Security posture.
Session concurrency limits
Abuse prevention.