Organization Settings
Manage users, roles, billing, and organization-wide settings.
Users & Permissions
Adding Users
- Navigate to Organization → Users
- Click Invite User
- Enter email address
- Select role
- Send invitation
Roles
CyberCage implements role-based access control with four distinct roles:
| Role | Permissions |
|---|---|
| Owner | Full organization control: manage all settings, billing, users, delete organization |
| Admin | Administrative access: manage users, approve MCP servers, configure policies, view all threats |
| Member | Standard access: use protected applications, view personal data and threats |
| Viewer | Read-only access: view dashboard data without making changes |
Users can have different roles in different organizations. Role assignments are managed at the organization-member level.
SSO Configuration (Business & Enterprise)
Single Sign-On is available on Business and Enterprise plans. CyberCage currently supports OpenID Connect providers:
Setup Steps:
- Navigate to Organization → SSO
- Select OpenID Connect provider
- Enter provider details:
- Provider name (e.g., "Okta", "Auth0", "Azure AD")
- Client ID and Client Secret
- Issuer URL (OpenID Connect discovery endpoint)
- Redirect URI (provided by CyberCage)
- (Optional) Configure domain restriction - limit SSO to specific email domains
- Test the connection to verify configuration
- Enable SSO for your organization
Domain-Based Routing: Configure domain restrictions to automatically route users with matching email domains to your organization's SSO.
Note: SAML support is planned for future releases. Current implementation focuses on OpenID Connect.
Billing & Subscription
Trial Period
New organizations start with a 14-day free trial that includes:
- 3 users
- 5 applications
- 5 MCP servers
- 2 daemons
- 50 daily evaluations
- 7-day audit log retention
After the trial expires, you must upgrade to a paid plan to continue using CyberCage. Choose from Developer ($29/mo), Team ($49/mo), Business ($199/mo), or Enterprise (custom pricing).
Current Plan
View your subscription details:
- Plan Type: Trial, Developer, Team, Business, or Enterprise
- Status: active, trialing, canceled, past_due, unpaid, incomplete
- Billing Cycle: Current period start and end dates
- Next Payment: Next billing date (if active)
- Payment Status: Grace period of 7 days for failed payments
Plan Limits & Features
Each plan comes with specific resource limits and features:
| Feature | Trial | Developer | Team | Business | Enterprise |
|---|---|---|---|---|---|
| Price | Free (14 days) | $29/mo | $49/mo | $199/mo | Custom |
| Annual Discount | - | 20% off | 20% off | 20% off | Custom |
| Max Users | 3 | 10 | 15 | 100 | Unlimited |
| Max Applications | 5 | 5 | 10 | 50 | Unlimited |
| Max MCP Servers | 5 | 15 | 30 | 500 | Unlimited |
| Max Daemons | 2 | 5 | 10 | 50 | Unlimited |
| Max Integrations | 0 | 1 | 2 | 10 | Unlimited |
| Organizations | 1 | 1 | 1 | 1 | Unlimited |
| Daily Evaluations | 50 | 150 | 250 | 5,000 | Unlimited |
| Eval Overage | No | No | Yes ($0.01/eval) | Yes ($0.005/eval) | N/A |
| Content Inspection | No | No | Yes (beta) | Yes (beta) | Yes |
| Bring Your Own LLM | No | No | No | Yes (beta) | Yes |
| SSO | No | No | No | Yes | Yes |
| Support | Community | Priority | Dedicated | ||
| Audit Log Retention | 7 days | 14 days | 30 days | 90 days | 365 days |
| Trial Period | 14 days | - | - | - | - |
Upgrade/Downgrade
Change plans through the Stripe-powered billing portal:
- Navigate to Billing → Manage Subscription
- Click Change Plan
- Select your desired plan:
- Developer ($29/month) - For individual developers
- Team ($49/month) - For small teams with overage support
- Business ($199/month) - For growing businesses with SSO and priority support
- Enterprise (Custom pricing) - For large organizations with unlimited resources
- Review prorated charges or credits
- Confirm the change
Changes take effect immediately with prorated billing adjustments.
Note: Downgrades are blocked if your current usage exceeds the new plan's limits. You'll need to reduce your usage before downgrading.
Payment Methods
Manage payment information through the billing portal:
- Add/Update Credit Card: Securely store payment methods via Stripe
- Set Default Payment Method: Choose which card to charge
- View Payment History: See all completed payments
- Update Billing Information: Change billing address and contact details
- Download Invoices: Get PDF receipts for accounting
All payment data is securely handled by Stripe - CyberCage never stores raw card details.
Invoices
Access your billing history:
- Invoice Number: Unique identifier for each bill
- Status: Paid, Open, Void, Uncollectible
- Amount: Total, paid, and due amounts
- Period: Billing period covered
- PDF Download: Get printable invoice
- Hosted Page: View detailed invoice online
Overage Billing
For plans with evaluation overage support:
Team Plan:
- Base: 250 daily evaluations included
- Overage rate: $0.01 per additional evaluation
- Billed at the end of each billing cycle
Business Plan:
- Base: 5,000 daily evaluations included
- Overage rate: $0.005 per additional evaluation
- Billed at the end of each billing cycle
Usage Tracking:
- Real-time usage monitoring in the dashboard
- Automatic overage calculation and reporting
- Usage data synchronized with Stripe every 5 minutes
- Detailed usage breakdown in invoices
Organization Settings
General Information
Configure basic organization details:
- Organization Name - Display name for your organization
- Domain - Organization identifier
- Industry - Your business sector
- Size - Organization size (startup, small, medium, enterprise)
Threat Detection Settings
Configure how threats are detected and handled:
Sensitivity Level:
- High - Most aggressive detection, may have more false positives
- Medium - Balanced approach (recommended for most organizations)
- Low - Permissive detection, focuses on high-confidence threats
Detection Features by Plan:
- Pattern Detection - Signature-based threat detection (all plans)
- Block Suspicious Tools - Auto-block suspicious MCP servers (all plans)
- Content Inspection - Deep content analysis (Team plan and above, beta)
- LLM Analysis - AI-powered threat validation:
- Trial/Developer: Basic LLM analysis
- Team/Business: Enhanced LLM analysis
- Business: Bring Your Own LLM option (beta)
- Enterprise: Custom LLM configuration
Security Policies
CyberCage uses a two-level policy system:
Global Policies - System-wide policy definitions
- Maintained by CyberCage
- Cover all 11 threat categories
- Include MITRE ATT&CK technique mappings
Organization Policies - Your custom policy configuration
- Enable/disable specific global policies
- Customize policy names for your organization
- Set decisions: ALLOW, DENY, or WARN
- Track policy triggers and last activation
Default Policy Assignment: When your organization is created, all Critical and High severity policies are automatically enabled. You can adjust these based on your security requirements.
MCP Method Policies
Control access to MCP protocol methods:
Essential Methods (typically bypassed):
initialize,initialized,ping,exitcapabilities/list,completion/complete- Notification methods
Non-Essential Methods (analyzed by default):
tools/call,tools/listprompts/get,prompts/listresources/read,resources/list
Configure each method with:
- Bypass - Allow without analysis
- Monitor - Analyze but don't block
- Block - Prevent execution
API Keys
Manage programmatic access to CyberCage (Developer plan and above):
- Generate API keys for automation
- Set expiration dates
- Track last usage
- Revoke keys when needed
Next Steps
- Policy & Threats - Customize security rules