Enterprise

Last updated July 7, 2026

Enterprise covers everything an admin needs to operate Compound for an organization: managing the team, federating identity with your IdP, automating user provisioning, auditing activity, and integrating Compound into your security review.

Team administration lives in the Organization group of Settings tabs: Members (people, invites, and roles), Security (domain verification, SSO, SCIM, and the audit log), Billing (plan and seats), Groups and Project Drives (team managers and above), and Agents. What you can see and do on each depends on your role.

Team administration

Roles

Every team member has one of four roles:

  • Owner — full control of the team, including billing, SSO, SCIM, member removal, and team deletion. There is always exactly one Owner; you can transfer ownership at any time.
  • Admin — can invite and remove members, manage billing, and view the audit log. Cannot transfer ownership.
  • Manager — can manage groups, shared Drives, and team agents, and view the audit log. Cannot invite or remove members or change billing.
  • Member — standard team access. Can create Drives, run chats, and collaborate on shared Drives.

Members and invitations

Settings > Members lists everyone on the team with their role, status, and last activity, along with any pending invites. Use this page to:

  • Change a member’s role from the role dropdown.
  • Click Remove from Team to revoke access. The confirmation dialog asks you to confirm with Remove.
  • Click Invite to send new invitations — enter one or more email addresses. Invitees join as Members; change their role from the roster once they’ve accepted. Invites expire after a published window if not accepted; resend if needed.

Single Sign-On (SSO)

Compound supports SAML 2.0 and OpenID Connect (OIDC) so your team can sign in through your existing identity provider (Okta, Entra ID, Google Workspace, OneLogin, etc.).

Only Team Owners can configure SSO. Once SSO is active, anyone signing in with your verified domain is routed through your identity provider automatically.

SCIM provisioning

SCIM 2.0 syncs your team membership from your identity provider, so assigning someone to the Compound app in your IdP adds them to your team automatically — and unassigning them removes them.

SCIM requires an active SSO configuration. Enable SSO first, then layer SCIM on top.

Audit log

The audit log, reached from Settings > Security, records who did what and when, for use in security reviews and compliance audits. The log captures member events (invites, removals, role changes), authentication events, SSO/SCIM configuration changes, and exports.

You can export the log as CSV with the Export button at the top of the page.

Security and privacy

Compound’s data handling, retention, and compliance posture are documented at Security. For specific questions — data residency, retention windows, sub-processors, vendor security questionnaires — contact your account team.

Note

Enterprise plans include data isolation guarantees, custom retention windows, and a security review process. If your organization needs any of these, talk to us before rolling Compound out widely.

What to read next