Enterprise
Syntic Code is built for production engineering organizations. SSO, audit logs, managed policy, self-hosted deployments, and white-labeling are all first-class — not afterthoughts.
Why Enterprises Pick Syntic Code
| Need | Syntic Code |
|---|---|
| Model choice | Any model, any provider — including private / local |
| Data residency | Self-hosted in your VPC; nothing leaves your network |
| Compliance | SOC 2 Type II, HIPAA-ready, ISO 27001 in progress |
| SSO | SAML 2.0, OIDC, SCIM provisioning |
| Audit | Every prompt, tool call, and code change logged to your SIEM |
| Policy | Managed /etc/syntic/managed.json users cannot override |
| White-label | Re-brand the CLI and Cloud Desktop for resellers |
Deployment Options
Syntic Cloud (default)
Multi-tenant SaaS hosted in US / EU. Best for most teams.
Single-Tenant Cloud
Dedicated infrastructure in a region you choose. Same Syntic Cloud UX, isolated control plane.
Self-Hosted
Run the entire Syntic platform inside your VPC. Kubernetes Helm chart, Terraform modules for AWS / GCP / Azure.
Air-Gapped
Zero outbound network. Models run on-prem (vLLM or Ollama). Skills, MCP servers, and updates synced via offline bundle.
SSO & SCIM
# helm values
sso:
saml:
metadataUrl: https://idp.example.com/saml/metadata
enforce: true # block non-SSO logins
scim:
enabled: true
bearerToken: ${SCIM_TOKEN}Supported IdPs: Okta, Azure AD, Google Workspace, OneLogin, JumpCloud, Auth0, generic SAML.
Audit Log
Every event lands in a tamper-evident append-only log:
session.start/session.enduser.prompttool.call(with inputs, outputs, decision)file.edit/file.writebash.executepolicy.denymodel.call(with token counts and cost)
Stream to S3, GCS, Azure Blob, Splunk, Datadog, or a generic webhook.
Managed Policy
/etc/syntic/managed.json is loaded before any user settings and cannot be overridden:
{
"permissions": {
"deny": ["Bash(curl:*)", "Bash(npm publish:*)", "Edit(secrets/**)"]
},
"models": {
"allowed": ["kimi-k2-6", "claude-sonnet-4-6"]
},
"mcpServers": {
"allowed": ["github-internal", "postgres-readonly"]
},
"telemetry": { "enabled": true, "endpoint": "https://siem.example.com/syntic" }
}White-Label
Re-brand Syntic Code for your customers:
- CLI binary name (
yourbrandinstead ofsyntic) - Cloud Desktop logo, color palette, custom domain
- Docs site with your brand
- Model proxy with your house style
Contact sales@syntic.ai for white-label terms.
Procurement
- Security questionnaires — pre-filled SIG, CAIQ, ISO 27001 available on request
- Master Service Agreement — standard MSA + DPA + BAA
- Pricing — per-seat or per-token, annual contracts
- POC — 30-day pilots with success criteria defined upfront
Contact
- Sales: sales@syntic.ai
- Security: security@syntic.ai
- Compliance: trust@syntic.ai
Related
- Permissions — Policy enforcement details
- Settings — Managed policy schema
- Cloud Desktop — Self-hosted desktop deployments