Admin console TEAMS
Govern the fleet. From one URL.
Provision seats. Watch spend per provider, per person, per day. Push a deny-list rule to 200 machines. Pull an audit bundle for SOC 2. Magic-link in — no passwords, no third-party SSO required to start.
No credit card to provision a workspace. Bills only when you add a paid seat.
Spend you can defend.
Per-provider, per-person, per-day. Anthropic + OpenAI + local. Set hard caps that auto-revoke a key when crossed — no surprise bill.
Policy that travels.
Set the deny-list, approval mode, MCP allowlist once at the org. Every seat picks it up on next launch. Push a hotfix in seconds.
Audit on demand.
Hash-chained logs aggregate from every seat. Export to SIEM. Pull a SOC 2 evidence bundle covering 49 features × 30 controls — signed, with timestamps.
What it looks like
One pane. Five surfaces.
Seats, members, spend, billing, API tokens. Magic-link auth — no passwords.
illustrative — your dashboard, your numbers
The five surfaces
What you actually do here.
Seats
Provision and deprovision in seconds. Adjusts billing pro rata via Polar. Bulk-add from a CSV; SCIM-managed seats auto-sync from Okta / Azure AD / OneLogin.
Members
Roles (owner · admin · member · billing). Magic-link invite or SCIM provisioning. Per-member spend cap, per-member deny-list overrides, per-member MCP allowlist.
Spend
Per-provider, per-person, per-day. Hard caps with auto-revoke. CSV export. Hourly granularity for the last 14 days, daily for the last year.
Billing
Self-serve checkout + invoices via Polar (the merchant of record). Plan changes, seat counts, payment methods, tax IDs — all in one place. Enterprise contracts via sales.
API tokens
Org-scoped tokens for CI / scripting / SIEM ingest. Scoped permissions (read seats, write policy, read audit). Auto-rotation cadence configurable. Revoke instantly.
Audit aggregation
Every seat’s hash-chained log streams to the org bucket. Search by member, by tool, by time range. Export as JSONL or push to your SIEM (Splunk, Datadog, Elastic).
Fleet policy
Push once. Lands everywhere on next launch.
Policy is signed at the org level. Every client verifies the signature before applying. Members can’t override; ops can roll back in one click.
The policy file
```jsonc
// org policy — signed, pushed, verified per seat
{
  "approval_mode_min": "strict",          // no Permissive in this org
  "deny_list_extra": [
    "**/customer-data/**",
    "**/*.pem",
    "infra/terraform/secrets/**"
  ],
  "mcp_allowlist": ["linear", "github", "sentry"],
  "provider_allowlist": ["anthropic", "local"],
  "max_spend_per_member_usd": 200,
  "dlp_egress_guard": true,
  "audit_retention_days": 365
}
```
What it controls
Approval floor. Forbid Permissive mode org-wide. Force Strict for everyone, or Paranoid for repos touching prod.
Compounded deny-list. Your patterns stack on top of the built-in .env / .ssh / credentials refusal. Patterns are pushed in seconds.
MCP allowlist. Only org-approved MCP servers can be wired up. The shared registry handles auth tokens — no member needs to manage them.
Provider allowlist. Restrict to specific vendors (e.g., Anthropic + your local llama.cpp). Forbid OpenAI for compliance, etc.
DLP egress guard. Pattern-match prompts + tool outputs before they cross the BYOK boundary. Refuses any request containing high-confidence secret patterns.
Identity
Magic link by default. SAML + SCIM when you’re ready.
You don’t need an IdP to start governing your fleet. Add SAML SSO + SCIM provisioning when procurement says you have to.
| Method | Tier | What it does |
|---|---|---|
| Magic link | Teams | One-time link to your work email. No password to phish. Default — works on day one. |
| SAML 2.0 SSO | Teams | Full XML-DSig SignatureValue + DigestValue verify. Cert + issuer pinning per IdP. SHA-1 rejected. |
| SCIM 2.0 provisioning | Teams | Okta · Azure AD · OneLogin. Auto-provision seats on hire, auto-deprovision on offboard. |
| PIV / CAC smart card | Enterprise | RSA-SHA256 + ECDSA over P-256/384/521. Full chain validation + optional CA-fingerprint pinning. |
Compliance, on tap
Procurement reviewers get evidence — not "trust us."
Evidence bundle
Signed JSON at /compliance/evidence. 49 features × 30 controls mapped (SOC 2 · HIPAA · PCI-DSS v4.0 · ISO 27001:2022). Reproducible from the codebase.
SBOM
CycloneDX 1.5, ed25519-signed. One file per release. Vulnerability scanners ingest it directly.
SIEM export
Signed JSONL at /siem/export, paginated. Push to Splunk, Datadog, Elastic, or your home-grown log lake.
/healthz introspection
Live policy version, audit chain head hash, last-successful SIEM flush, license issuer reachability. The thing on-call pings first.
Public manifest
The compliance manifest is published publicly so procurement can review before contacting sales.
Audit retention
Per-org retention window (90d / 1y / 7y / unlimited). Tamper-evident hash chain — breaks visibly if any record is altered.
Enterprise · sovereignty
When the customer perimeter is the perimeter.
Self-hosted issuer
Run altIssuer.ts in your own KMS-backed deployment. Customer keys never leave the customer perimeter; AZMX HQ never sees a license-token request.
Air-gap policy gate
airGap.ts structurally disables every network-touching feature. Updates handled via internal mirror; license refresh via manual CRL drop.
FIPS 140-3 allowlist
fipsMode.ts restricts provider + crypto primitive selection to the FIPS-approved set. FIPS-compliant build artifact ships with the first FedRAMP customer.
Honest answers
What the admin console doesn’t do.
It doesn’t see your prompts or your code.
BYOK means your prompts go member-machine → provider. The admin console sees usage metadata (tokens, cost, tool counts) and audit metadata (which tools were called, when, approved by whom) — never the bytes.
It doesn’t replace your IdP.
Magic link works on day one. SAML + SCIM hook into Okta / Azure AD / OneLogin when procurement requires it. We don’t want to be your identity store.
It doesn’t force a cloud dependency.
Air-gap mode + self-hosted issuer means an Enterprise org can run AZMX with zero outbound traffic to azmx.ai. The admin console can run on-prem in that deployment.
It doesn’t paywall the policy gate.
The built-in deny-list, approval gate, and DLP scrubber are on every tier. Teams gates the fleet features: pushed policy, shared MCP registry, audit aggregation, custom deny-list patterns.
It doesn’t make billing exotic.
Polar is the merchant of record for self-serve Pro + Teams. Standard cards, standard invoices, standard tax handling. Enterprise contracts via sales.
It doesn’t need a deploy to roll back.
Policy versions are server-side. Push a bad rule, hit "rollback to v17," every seat applies the previous version on next launch. No client update needed.
Provision the first seat. In minutes.
Magic-link in. Add a payment method when you’re ready to scale past the free workspace. No procurement gate to start.