Skip to content
Docs
flero.ai

Organization settings

The organization is the top-level container that owns one or more workspaces. Use organization settings to manage policies, SSO, billing, and the workspaces themselves.

Available on plans that include organization features (Team and above). On individual plans, you have a single organization with a single workspace and don't need to think about this layer.

How to get there

Settings → Organization (visible to organization admins and owners). Or /enterprise for the bigger six-tab Enterprise view.

What's on the Organization tab

General

  • Name, organization display name.
  • Logo, used on public-facing surfaces (approval links, hosted forms).
  • Default time zone, fallback for new workspaces.
  • Primary email, for system notifications.

Workspaces

A list of every workspace in the organization. Per workspace:

  • Name, member count, created date, status.
  • Open (switches you into it).
  • Archive / restore.
  • Transfer to another organization (rare; admin escalation usually).

Members (org-level)

Everyone with any role in any workspace, plus organization-level roles. Manage:

  • Promote / demote organization admins.
  • Suspend a user across the entire org (good for incident response).
  • View per-user audit summary.

Policies

Org-wide guardrails:

  • Allowed invite domains, restrict workspace invites to specific email domains.
  • Required MFA, force every user to enable MFA before they can sign in.
  • Session lifetime, log users out after N hours.
  • Workflow auto-archive, archive draft workflows untouched for N days.
  • Approval timeouts, global default for Approval node timeouts.
  • Data residency, for self-hosted: pin certain workspaces to specific regions.

SSO / SAML

Configure SSO with Okta, Azure AD, Google Workspace, OneLogin, or any SAML 2.0 IdP. Once configured, users can sign in with their corporate credentials and provisioning is automated.

Setup is a one-time admin task, usually 30–60 minutes. Detailed walkthroughs are in the Operator guide → Authentication (in the repo restructure).

Audit log

A searchable feed of every administrative action across the org: member changes, role changes, credential rotations, workspace creates / deletes, policy edits.

Billing

  • Current plan and seat usage.
  • Invoices and payment method.
  • Usage breakdowns by workspace.
  • Upgrade / downgrade.

API

  • Org-level API keys (separate from workspace keys; can act across workspaces).
  • Webhook endpoints for org-wide events (member joined, workflow archived, etc.).

The /enterprise view (six tabs)

A richer dashboard for enterprise admins:

Tab What it shows
Overview Health summary: active workspaces, total users, runs in the last 24 h, error rate, recent incidents
Policies Policy editor (same as the Organization tab, but with more granular controls)
Quotas Per-workspace and org-wide quota dashboards (API calls, executions, storage, AI tokens), with alerts
Security SSO, IP allow-list, audit log, breach alerts
Billing Per-workspace cost breakdowns, forecast, anomaly detection
Analytics Team productivity, usage trends, top workflows, adoption funnel

Tips & gotchas

  • Org-level policies are inherited by all workspaces. A policy change ripples instantly, communicate before flipping switches like "Required MFA".
  • Transferring a workspace between organizations keeps the workflows / executions but resets member roles in the target org. Coordinate carefully.
  • Suspending a user at the org level doesn't delete them, they can be reactivated with their roles intact.
  • SSO + invite domain restrictions are belt-and-braces; both can be enforced together for tighter control.
  • Quota alerts can be set to Slack-fire when a workspace approaches its ceiling. Set these up early; first hitting the cap is a bad way to learn it exists.

Found something out of date? This page lives in the Flero docs content set.