Enterprise covers everything an admin needs to operate Compound for an organization: managing the team, federating identity with your IdP, automating user provisioning, auditing activity, and integrating Compound into your security review.
All team admin lives under Settings > Team.
Team administration
Roles
Every team member has one of three roles:
- Owner — full control of the team, including billing, SSO, SCIM, member removal, and team deletion. There is always exactly one Owner; you can transfer ownership at any time.
- Admin — can invite and remove members and view the audit log. Cannot change billing or transfer ownership.
- Member — standard team access. Can create Drives, run chats, and collaborate on shared Drives.
Members and invitations
Settings > Team > Members lists everyone on the team with their role, status, and last activity. Use this page to:
- Change a member’s role from the role dropdown.
- Click Remove from Team to revoke access. The confirmation dialog asks you to confirm with Remove.
Settings > Team > Invitations lists pending invites. Click Invite to send a new invitation — enter the email and pick a role. Invites expire after a published window if not accepted; resend if needed.
Single Sign-On (SSO)
Compound supports SAML 2.0 and OpenID Connect (OIDC) so your team can sign in through your existing identity provider (Okta, Entra ID, Google Workspace, OneLogin, etc.).
- Set up SSO for Compound — overview, prerequisites, domain verification, and supported protocols.
- Set up Okta OIDC SSO — step-by-step guide for OIDC with Okta. Recommended starting point.
- Set up Okta SAML SSO — step-by-step guide for SAML 2.0 with Okta.
Only Team Owners can configure SSO. Once SSO is active, anyone signing in with your verified domain is routed through your identity provider automatically.
SCIM provisioning
SCIM 2.0 syncs your team membership from your identity provider, so assigning someone to the Compound app in your IdP adds them to your team automatically — and unassigning them removes them.
- SCIM provisioning — overview, prerequisites, and how it interacts with SSO.
- Set up Okta SCIM provisioning — step-by-step setup with Okta.
SCIM requires an active SSO configuration. Enable SSO first, then layer SCIM on top.
Audit log
Settings > Team > Audit Log records who did what and when, for use in security reviews and compliance audits. The log captures member events (invites, removals, role changes), authentication events, SSO/SCIM configuration changes, and exports.
You can export the log as CSV with the Export button at the top of the page.
Security and privacy
Compound’s data handling, retention, and compliance posture are documented at Security. For specific questions — data residency, retention windows, sub-processors, vendor security questionnaires — contact your account team.
Enterprise plans include data isolation guarantees, custom retention windows, and a security review process. If your organization needs any of these, talk to us before rolling Compound out widely.
What to read next
- Account, plans and billing — billing, plans, and per-user account settings.
- Drives and files — the Drive sharing model that team membership controls access through.
- Set up SSO for Compound — the entry point for IdP integration.