deloc

Enterprise

Your team ships at AI speed.
IT keeps control.

Anyone in your organization can build a dashboard or internal tool in an afternoon with AI. Deloc Enterprise is the control plane that makes that safe: who can publish, who can view, what goes live, and a complete record of all of it.

Everything in Team, plus the governance features below. Custom pricing — no per-viewer fees, ever.

Contact Us Book a Demo

Identity

Single sign-on with your identity provider

Viewers and publishers sign in with the corporate accounts they already have. Nobody creates a Deloc password, and nobody keeps access after they leave.

  • Full OIDC SSO with Okta, Microsoft Entra, or any OIDC-compatible identity provider.
  • Okta and Entra App Gallery integrations — your IT team configures Deloc like any other sanctioned app.
  • Conditional access, MFA, and session policies enforced by your IdP apply to every Deloc app automatically.
  • Email domain restriction remains available per app for lighter-weight gating.

Lifecycle

SCIM 2.0 provisioning

User access is driven by your directory, not by invites and offboarding checklists.

  • Provision publishers and viewers automatically from your IdP groups.
  • Deactivate someone in your directory and their Deloc access ends with it — no orphaned accounts.
  • Role assignment (admin, publisher, viewer) mapped from your IdP.

Change control

Approval-gated deploys

AI-assisted building means anyone can ship an internal tool in minutes. Enterprise makes sure what ships is what you reviewed.

  • Every deploy is staged, never live, until an admin approves it.
  • Reviewers preview the exact staged build — the same bytes that will go live, not a description of them.
  • The currently-live version keeps serving untouched until approval; rejection discards the staged build with zero impact.
  • Automated security review runs on every deploy: phishing patterns, crypto-miners, unsafe scripts, external form targets.
  • Signed deploy manifests record full provenance — who deployed what, from where, and when.

Governance

Admin console for the whole organization

One place to see and control everything your organization has published.

  • Complete inventory of every app in the org — owner, status, size, traffic, visibility.
  • Kill switch: disable any app instantly, org-wide.
  • Deploy-approval queue, member management, and org settings in one console.
  • Role-based access control with least-privilege defaults.

Compliance

Full audit log with export

Every administrative action, deployment, and access change is recorded — and your compliance tooling can consume it.

  • Org-wide audit trail covering deploys, approvals, role changes, app lifecycle, and access events.
  • Export as JSON or CSV for compliance review.
  • Webhook streaming delivers audit events to your SIEM as they happen.

Security

A structurally smaller attack surface

Deloc serves static files only. There is no server-side execution in published apps — which removes the class of vulnerabilities that makes internal tools an IT liability.

  • No servers to patch, no runtimes to CVE-chase, no databases exposed by a hobby dashboard.
  • Platform and published content live on separate domains (deloc.dev vs deloc.app) for complete cookie and origin isolation.
  • Content scanning on upload, file-type allowlisting, and hardened server-side Actions for the cases that need API calls.

Read the full security overview →

AI-native

Built for how your team already builds

Publishers deploy from Claude Code, Cursor, or any MCP-compatible tool — and every governance control applies no matter where the deploy comes from.

  • First-class MCP server and CLI: “deploy this to Deloc” is the entire workflow.
  • Approval gates, audit logging, and SSO apply identically to CLI, MCP, and web deploys.
  • No new build pipeline to adopt — if it produces static files, it ships.

Scale

Limits that disappear

Enterprise removes the ceilings and adds the guarantees procurement asks about.

  • Unlimited apps, storage, and bandwidth; 1GB per-upload limit.
  • Custom domains for apps that need your brand.
  • 99.95% uptime SLA.
  • Viewers are always free — only publishers need seats, so a dashboard seen by 500 people costs the same as one seen by 5.

Getting started

Rollout is three steps, not a quarter

  1. 1 Talk to us. A short call to scope publishers, apps, and your compliance requirements.
  2. 2 Connect your IdP. SSO and SCIM against Okta, Entra, or any OIDC provider.
  3. 3 Ship from day one. Publishers deploy from Claude Code, Cursor, or the CLI. Approvals, audit, and access control are already on.
Contact Us
← Back to pricing