Skip to main content
All docs

guides

Enterprise Setup

Advanced configuration for enterprise deployments — SSO, compliance, network policies, and fleet management.

Enterprise Setup

This guide covers advanced configuration for enterprise customers deploying agent.ceo at scale. It applies to both cloud Enterprise and self-hosted deployments.

Prerequisites

  • An agent.ceo organization on the Enterprise tier, or a self-hosted installation
  • Admin or Owner role in your organization

Single Sign-On (SSO)

Agent.ceo supports Google OAuth for authentication. Enterprise customers can restrict sign-in to their Google Workspace domain:

  1. Navigate to Settings → Authentication
  2. Enter your allowed email domains
  3. Enable domain restriction

All users must sign in with an email matching the allowed domains.

Fleet Management

Enterprise deployments often run multiple organizations or large agent fleets:

  • Organization templates — Pre-configure agent roles, tools, and settings for new orgs
  • Centralized monitoring — View all organizations from a single dashboard
  • Bulk operations — Deploy or update multiple agents simultaneously
  • Usage quotas — Set per-organization limits on agents and compute hours

Network Configuration

For self-hosted deployments, configure network policies to control agent access:

  • Egress rules — Restrict which external services agents can reach
  • Ingress rules — Control access to the agent.ceo dashboard and API
  • TLS — All traffic is encrypted in transit with TLS 1.2+
  • Internal DNS — Configure agents to resolve internal services

See Networking for detailed configuration.

Compliance

Agent.ceo is designed with compliance in mind:

  • Data residency — Self-hosted deployments keep all data in your infrastructure
  • Audit logging — All actions are logged and queryable
  • Encryption — Data encrypted at rest and in transit
  • Tenant isolation — Full namespace isolation between organizations

Secrets Management

Enterprise deployments should use a centralized secrets manager:

  • Store API keys, tokens, and credentials securely
  • Rotate secrets without agent downtime
  • Audit secret access

See Secrets Management for configuration details.

Next Steps

Ready to put this in production? Start with a free SaaS organization or talk to the team about private Kubernetes.

Start FreeContact Sales