Skip to content

SOP-022: Enterprise Features

Document Control

  • Version: 1.0
  • Last Updated: 2024
  • Category: Advanced

Purpose

Deploy and manage Cursor at enterprise scale with security, compliance, and administrative controls.


Scope

This SOP covers:

  • Enterprise security and compliance
  • Identity and access management
  • Administrative controls
  • Model and integration management

Prerequisites

  • Cursor Enterprise subscription
  • Admin access to Cursor dashboard
  • IT/Security team coordination

Security & Compliance Resources

ResourceURL
Trust Centertrust.cursor.com
Security Pagecursor.com/security
Privacy Overviewcursor.com/privacy-overview
DPAcursor.com/terms/dpa

Certifications: SOC2 Type II, GDPR compliance


Key Features

Identity & Access

FeatureDescription
SSO/SAMLSingle sign-on with your IdP
SCIMAutomated user provisioning
MDM PoliciesEnforce team IDs and extensions
RBACRole-based access control

Privacy & Security

FeatureDescription
Privacy ModeZero data retention with AI
Agent SecurityGuardrails for tool execution
HooksCustom security workflows
Repository BlocklistRestrict repo access

Administrative Controls

FeatureDescription
DashboardTeam management and monitoring
Admin APIProgrammatic admin access
AnalyticsUsage metrics and insights
Audit LogsTrack all administrative actions
AI Code TrackingPer-commit AI usage metrics

Procedure

Step 1: Set Up SSO

  1. Go to Dashboard > Settings > SSO
  2. Configure with your IdP (Okta, Azure AD, etc.)
  3. Map user attributes
  4. Test authentication flow

Step 2: Configure SCIM

  1. Enable SCIM provisioning in dashboard
  2. Configure in your IdP
  3. Set up automatic user sync
  4. Test provisioning/deprovisioning

Step 3: Deploy MDM Policies

Configure MDM to enforce:

  • Allowed team IDs
  • Approved extensions only
  • Settings restrictions

Step 4: Enable Privacy Mode

  1. Go to Dashboard > Settings
  2. Enable Enforce Privacy Mode
  3. This applies org-wide

Step 5: Configure Model Controls

Restrict which models users can access:

  1. Dashboard > Settings > Models
  2. Select allowed models
  3. Block unwanted models

Step 6: Set Up Audit Logs

  1. Enable audit logging in dashboard
  2. Configure SIEM integration
  3. Set retention policies

Plan Comparison

CapabilityTeamsEnterprise
Centralized BillingYesYes
SSO/SAMLYesYes
SCIMNoYes
Audit LogsNoYes
Privacy Mode EnforcementOptionalOrg-wide
Model RestrictionsNoYes
Repository BlocklistNoYes
AI Code Tracking APINoYes
Priority SupportNoYes
MSA & DPANoYes

Admin API

Access admin features programmatically:

bash
# Create API key at Dashboard > Settings > Advanced

# Example: Get team analytics
curl -X GET https://api.cursor.com/admin/analytics \
  -H "Authorization: Bearer $ADMIN_API_KEY"

Spend Controls

Configure usage limits:

LevelEnterprise
PoolTeam-wide pooled usage
Per-userAdmin-only controls
AlertsThreshold notifications

Verification Checklist

  • [ ] SSO configured and tested
  • [ ] SCIM provisioning working
  • [ ] MDM policies deployed
  • [ ] Privacy Mode enforced
  • [ ] Model controls configured
  • [ ] Audit logs streaming
  • [ ] Spend limits set

Getting Help

ChannelFor
Account TeamEnterprise support
hi@cursor.comGeneral inquiries
Security DisclosureVulnerabilities

See Also

Built with VitePress | Powered by Claude AI