What’s Covered
Single Sign-On
Authenticate through your identity provider via SAML 2.0 or OIDC. Enforce MFA and session policies at the IdP layer.
Roles & Permissions
Role-based access control with built-in roles and custom role definitions. Scope what each team member can view, configure, and act on.
SCIM Provisioning
Automatically provision and deprovision users from your identity provider. Map IdP groups directly to Draftt roles.
Why It Matters
Governance tooling that itself lacks access controls creates a paradox. Draftt holds visibility into your entire tech stack: infrastructure topology, configuration state, ownership mappings, cost footprints, and compliance posture. That data needs to be protected with the same rigor you apply to your production systems. Enterprise Controls close that gap:- SSO ensures authentication flows through your centrally managed identity provider, not a local credential store. Revoking access at the IdP immediately removes Draftt access.
- RBAC ensures engineers see what they need to do their job, platform teams can configure governance policies, and sensitive data like cost and compliance posture is scoped appropriately.
- SCIM means your HR and IT systems drive user lifecycle in Draftt automatically. Onboarding creates access. Offboarding removes it. No manual tickets.
Availability
| Feature | Availability |
|---|---|
| SSO (SAML 2.0) | Enterprise |
| SSO (OIDC) | Enterprise |
| SCIM Provisioning | Enterprise |
| Built-in Roles | All plans |
Enterprise Controls are available on the Enterprise plan. Contact your account team to enable them for your organization.