Back to DocumentationContact Sales
Enterprise Features
Production-ready enterprise capabilities: SSO, RBAC, compliance, self-hosted deployment, and SLA support.
Enterprise License Required
Enterprise features require a license. Contact us for pricing and a free trial.
SSO/SAML Authentication
Enterprise single sign-on with SAML 2.0 and OIDC support
import { createSSOManager } from '@rana/core';
const sso = createSSOManager({
providers: [{
name: 'okta',
type: 'saml',
enabled: true,
config: {
entityId: 'https://your-app.com/saml',
assertionConsumerServiceUrl: 'https://your-app.com/saml/acs',
idpMetadataUrl: 'https://your-okta.okta.com/app/.../sso/saml/metadata'
},
jitProvisioning: true, // Auto-create users
defaultRoles: ['developer']
}]
});
// Initiate login
const { redirectUrl } = await sso.initiateLogin('okta');
// Handle callback
const result = await sso.handleCallback('okta', callbackData);
if (result.success) {
console.log(result.user); // Authenticated user
console.log(result.session); // Session token
}Role-Based Access Control
Fine-grained permissions with roles, policies, and audit logging
import { createRBACManager, SYSTEM_ROLES } from '@rana/core';
const rbac = createRBACManager({
defaultDenyAll: true,
enableAuditLog: true
});
// Built-in roles: super_admin, admin, developer, analyst, viewer
// Create custom role
await rbac.createRole({
name: 'ml_engineer',
permissions: ['agents:*', 'prompts:*', 'models:read'],
inherits: ['developer'] // Inherit from other roles
});
// Assign role to user
await rbac.assignRole(userId, 'ml_engineer', {
scope: 'team:ml-team',
expiresAt: new Date('2025-12-31')
});
// Check access
const result = await rbac.checkAccess(
{ userId, roles: ['ml_engineer'] },
'execute',
{ type: 'agent', id: 'agent-123' }
);
if (!result.allowed) {
console.log(result.reason); // Why access was denied
}Compliance Reporting
SOC 2, GDPR, HIPAA compliance with audit trails and data management
import { createComplianceManager } from '@rana/core';
const compliance = createComplianceManager({
standards: ['soc2', 'gdpr', 'hipaa'],
enableRealTimeMonitoring: true,
onViolation: async (finding) => {
await notifySecurityTeam(finding);
}
});
// Log audit events
await compliance.logEvent({
eventType: 'data_access',
actor: { id: userId, type: 'user' },
action: 'read',
resource: { type: 'agent', id: 'agent-123' },
outcome: 'success'
});
// Handle GDPR data subject requests
const request = await compliance.createDataSubjectRequest({
type: 'erasure', // or 'access', 'portability'
subjectId: userId,
subjectEmail: 'user@example.com'
});
await compliance.processDataSubjectRequest(request.id);
// Generate compliance report
const report = await compliance.generateReport('soc2', {
start: new Date('2024-01-01'),
end: new Date('2024-12-31')
});Self-Hosted Deployment
Air-gapped deployment with custom model endpoints and local infrastructure
import {
createSelfHostedManager,
createAirGappedConfig
} from '@rana/core';
// Air-gapped configuration
const config = createAirGappedConfig({
localModelEndpoint: {
id: 'local-llm',
name: 'Local LLM',
provider: 'local',
baseUrl: 'http://localhost:11434',
models: ['llama3', 'mistral'],
capabilities: ['chat', 'completion']
},
localVectorStore: {
id: 'local-qdrant',
provider: 'qdrant',
endpoint: 'http://localhost:6333'
},
licenseKey: process.env.RANA_LICENSE_KEY
});
const selfHosted = createSelfHostedManager(config);
// Validate configuration
const { valid, errors } = selfHosted.validateConfig();
// Generate Kubernetes manifests
const k8sManifests = selfHosted.generateKubernetesManifests();
// Generate Docker Compose
const dockerCompose = selfHosted.generateDockerCompose();
// Health monitoring
const health = await selfHosted.getHealthStatus();
console.log(health.overall); // 'healthy' | 'degraded' | 'unhealthy'
console.log(health.components); // Individual component statusSLA Support
SLO monitoring, error budgets, alerting, and SLA reporting
import { createSLAManager, SLA_TEMPLATES } from '@rana/core';
const sla = createSLAManager({
slas: [{
...SLA_TEMPLATES.gold,
id: 'customer-sla',
customerId: 'customer-123',
effectiveDate: new Date()
}],
alertRules: [{
id: 'availability-alert',
name: 'Availability Below Target',
sloId: 'availability',
condition: 'below_target',
severity: 'critical',
channels: [{
type: 'slack',
config: { webhook: process.env.SLACK_WEBHOOK }
}]
}]
});
// Record metrics
await sla.recordAvailability('availability', true);
await sla.recordLatency('latency-p99', responseTime);
// Get SLO status
const status = await sla.getSLOStatus('availability');
console.log(status.current); // 99.95
console.log(status.target); // 99.9
console.log(status.errorBudgetRemaining); // 85%
// Generate SLA report
const report = await sla.generateReport('customer-sla', {
start: startOfMonth,
end: endOfMonth
});
// Start monitoring
sla.startMonitoring();Supported Compliance Standards
SOC 2
GDPR
HIPAA
PCI DSS
ISO 27001
CCPA
Pre-defined SLA Templates
Platinum
Availability: 99.99%
P99 Latency: 100ms
Gold
Availability: 99.9%
P99 Latency: 200ms
Silver
Availability: 99.5%
P99 Latency: 500ms
Bronze
Availability: 99%
P99 Latency: -