Enterprise readiness

Cassidy gives IT and operations teams full control over deployment, access, and AI governance. Here’s what’s available out of the box.

​

Single Sign-On

Cassidy supports SAML 2.0 SSO with any compatible identity provider, including Okta and Microsoft Entra ID. Your team signs in with existing credentials. SAML group mappings can automatically assign users to the right Cassidy groups based on attributes from your identity provider, so access is provisioned from day one without manual setup.

​

Roles and permissions

Three organizational roles (Member, Admin, Super Admin) give you tiered control over platform management. Group-based permissions control what each team can do: create Agents and Workflows, add to the Knowledge Base, record meetings, or invite members. Permissions are additive across groups.

​

Knowledge Base access controls

Knowledge Base content is organized into collections, each with its own access settings. Collections can be open to the whole organization, restricted to specific groups or individuals, or kept private. Sensitive content can live in Cassidy without being accessible to everyone.

​

Knowledge verification

Admins can flag Knowledge Base documents as potentially outdated and require them to be reviewed before Agents continue using them. This gives teams a lightweight governance layer to ensure the information powering your Agents stays accurate and current.

​

Agent and Workflow controls

Agents and Workflows can be shared with specific groups, kept private, or made available to the whole organization. Both can be organized into folders with their own permission settings. Workflows support external deployment via webhooks for integration into other systems. Agents support draft and publish versioning with full version history, so changes can be reviewed before they go live.

​

Meeting access controls

Meeting recordings default to private and can be shared with specific people, groups, or the whole organization. Admins can set up automated sharing rules that apply access settings based on defined conditions, so the right teams always have access without manual sharing.

​

Data retention

Enterprise customers can configure automated retention policies for Workflow run history. Set a custom retention window to automatically purge run data after a defined period, or retain it indefinitely. Manual deletion is always available. All data is permanently deleted when an account is closed.

​

Global AI governance

Admins can set organization-wide instructions that apply to every Agent and Workflow across the organization. Use this to enforce tone, restrict certain language, add compliance disclaimers, or ensure consistent behavior regardless of how individual Agents are configured.

​

Default Agent configuration

Admins control which Agents appear by default for team members when they open a new chat. This ensures new users land in the right context without needing to hunt for the right Agent.

​

Observability and AI usage monitoring

The usage dashboard surfaces credit consumption by user, Workflow run volumes, Knowledge Base storage, and meeting hours. Workflow run history logs every execution with inputs, outputs, and step-level results for auditing and debugging. Per-user credit limits and alert thresholds give admins proactive control over spend.

​

Secret management

API keys, passwords, and other sensitive credentials used in Workflows are stored as encrypted secret keys rather than plain text values. Secrets can be scoped to specific users or groups so only authorized team members can use them in Workflow actions. Once saved, secret values are never exposed in the Workflow editor or run history.

​

Custom integrations and extensibility

Cassidy integrates natively with most enterprise tools. For everything else, Workflows can send API requests to any external system, accept webhook triggers from any source, run custom code for advanced logic, and connect Agents to internal systems via MCP servers. Most integrations are point-and-click. The edge cases are covered by code.

​

Managed MCP servers and native Agent connectors

Cassidy supports MCP, giving Agents the ability to connect to virtually any external system. Unlike consumer AI tools, Cassidy’s MCP is admin-controlled: only admins can register servers, access is scoped per user or group, and every tool carries its own permission setting (always allowed, requires approval, or disabled). All actions are logged and data retrieved through MCP is never stored. Cassidy also provides native connectors for HubSpot, Salesforce, Airtable, Snowflake, BigQuery, and ServiceNow with the same permissioning model. Users connect their own accounts so Agents only access data they’re authorized to see. Any connector action that modifies data requires explicit in-chat approval before it executes.

​

Native OAuth integrations

All native integrations connect through standard OAuth or API key authentication. Cassidy only requests the scopes needed for each integration, and credentials are encrypted and stored separately from content data. Users connect their own accounts through the standard OAuth flow. For shared service accounts, admins can set up centralized connections with controlled scope.

​

Multi-organization support

Cassidy supports multiple separate organizations under the same login, useful for companies managing multiple divisions, brands, or client environments that require strict data separation.

​

Deploy Cassidy wherever your team works

Agents can be deployed wherever your team already works: Slack, Microsoft Teams, Outlook, Word, Excel, Chrome, Edge, embedded in any website, or accessed via API. All deployment surfaces operate under the same security model as the main platform.

---

For questions about enterprise deployment, contact support@cassidyai.com or visit trust.cassidyai.com.