1. Home
  2. Settings
  3. Organization Management
Searching...

Organization Management

Contents

Organizations in StationOne provide centralized management of policies, security, and access controls for enterprise teams.

Organization Policies

Organizations can define policies that apply to all members:

  • Library visibility rules: Control whether members can publish skills publicly or restrict to organization/team visibility.
  • Feature flags: Enable or disable specific features for the organization.
  • Publishing controls: Allow or restrict members from publishing to the public library.

Policies are configured by the organization administrator and enforced automatically across all workspaces.

Data Encryption

StationOne encrypts sensitive data files at rest:

  • Workspace configuration files (.ejson format) are encrypted using the organization’s encryption key.
  • Data is automatically migrated from unencrypted .json to encrypted .ejson format.
  • Encryption covers: workspace settings, skills/experts, MCP configurations.
  • The encryption module uses standard cryptographic functions.

NOTE: This is transparent to users — files are automatically encrypted when saved and decrypted when read.

Single Sign-On (SSO)

Organizations can configure SSO for seamless authentication:

How It Works

  1. When a user enters their email during login, StationOne checks the email domain.
  2. If SSO is configured for that domain, the user is redirected to the organization’s identity provider.
  3. After successful authentication, the user is logged into StationOne automatically.

For Users

  • Enter your work email on the login screen.
  • If your organization uses SSO, you’ll be redirected to your company’s login page.
  • Complete authentication there and you’ll be returned to StationOne.

Configuration

SSO is configured at the organization level by administrators. StationOne checks for SSO configuration via the /api/v1/auth/sso-check endpoint.

Server-Side API Keys

Organizations can manage API keys centrally:

  • Individual users don’t need to configure their own API keys.
  • Models become available automatically through the organization’s configuration.
  • Combined with the LLM proxy feature for seamless model access.

Data Vault

Organizations have access to a secure data vault for storing sensitive information that needs to be shared across the organization’s StationOne deployment.

Updated on March 17, 2026
Was this article helpful?
Yes No