diff --git a/docs/toolhive/enterprise/index.mdx b/docs/toolhive/enterprise/index.mdx
new file mode 100644
index 00000000..003e3546
--- /dev/null
+++ b/docs/toolhive/enterprise/index.mdx
@@ -0,0 +1,329 @@
+---
+title: Stacklok Enterprise
+description: Stacklok Enterprise offerings for ToolHive
+hide_title: false
+---
+
+import HubSpotForm from '@site/src/components/HubSpotForm';
+
+A hardened and production-ready distribution of ToolHive Community
+Securely scale MCP servers across your enterprise with Stacklok Enterprise's
+signed binaries, hardened images, formal semantic versioning, backported
+security patches, and turnkey identity provider integrations. Kubernetes native
+and LLM agnostic. Self-hosted in your environment, governed by your policies, no
+vendor lock-in.
+
+
+---
+
+
+ Running in production at major financial services, technology, and software
+ companies,
+ including Fortune 500 and Global 2000 enterprises
+
+
+---
+
+## When Community isn't enough
+
+Teams typically move to Stacklok Enterprise when they hit one of these walls:
+
+
+ -
+ Developers are bringing their own MCP servers to work — shadow AI is
+ spreading and there is no central control
+
+ -
+ Your organization has multiple coding assistants and AI agents that need
+ access to business context
+
+ -
+ Your security or compliance team is asking how MCP servers are
+ authenticated, audited, and patched
+
+ -
+ You need SSO and IdP integration (Okta, Entra ID) across your organization
+
+ -
+ You are running MCP in production and need SLA-backed support for incidents
+
+ -
+ You need centralized governance and policy enforcement across multiple teams
+ or business units
+
+ -
+ Your environment requires a semantically versioned, supply-chain-attested
+ distribution rather than continuous rolling release
+
+
+
+Recognizing these challenges in your organization?
+[Schedule a demo](#schedule-a-demo) to see how Stacklok Enterprise addresses
+them.
+
+---
+
+## ToolHive Community vs. Stacklok Enterprise
+
+### Distribution & packaging
+
+| Capability | Community | Enterprise |
+| :-------------------------------------------------------- | :--------: | :----------------------------------------: |
+| ToolHive core platform | ✓ | ✓ |
+| Release model | Continuous | Semantically versioned (MAJOR.MINOR.PATCH) |
+| SigStore Cosign package signing with SBOM | ✓ | ✓ |
+| Patch versions retained for bugfixes and security updates | — | ✓ |
+| Scanning attestations | — | ✓ |
+| SLSA build provenance | — | ✓ |
+
+### Security and supply chain
+
+| Capability | Community | Enterprise |
+| :------------------------------------------------------- | :-------: | :--------: |
+| Basic scanning (Trivy, unit tests, integration tests) | ✓ | ✓ |
+| Static analysis on every release (attested via SigStore) | — | ✓ |
+| Autonomous pen testing on every minor release | — | ✓ |
+| Hardened container base images (Chainguard or equiv.) | — | ✓ |
+| Proactive notification of vulnerabilities | — | ✓ |
+| CVEs addressed within SLO with responsible disclosure | — | ✓ |
+| All Sev 0–3 vulnerabilities backported as patch updates | — | ✓ |
+
+### Auth, identity & governance
+
+| Capability | Community | Enterprise |
+| :---------------------------------------------------- | :-------: | :--------: |
+| Basic authentication | ✓ | ✓ |
+| Policy-as-code engine (CEDAR) | ✓ | ✓ |
+| Audit logging & compliance reporting | ✓ | ✓ |
+| Built-in IdP integration (Okta, Entra ID) | — | ✓ |
+| IdP group → ToolHive role mapping | — | ✓ |
+| Canonical policy packs (read-only, full CRUD, custom) | — | ✓ |
+| Token exchange & credential brokering | — | ✓ |
+
+### Enterprise UI & management
+
+| Capability | Community | Enterprise |
+| :------------------------------------------------- | :-------: | :--------: |
+| ToolHive CLI | ✓ | ✓ |
+| Usage telemetry & analytics (OpenTelemetry) | ✓ | ✓ |
+| Enterprise MCP registry server and catalog | ✓ | ✓ |
+| Enterprise Cloud UI (full CRUD management console) | — | ✓ |
+| Hardened Desktop UI (enterprise lockdown controls) | — | ✓ |
+
+### Versioning, maintenance & support
+
+| Capability | Community | Enterprise |
+| :--------------------------------------------- | :-------: | :--------: |
+| Latest release | ✓ | ✓ |
+| Supported versions: LATEST, LATEST-1, LATEST-2 | — | ✓ |
+| Community support (GitHub) | ✓ | ✓ |
+| Dedicated support with SLA | — | ✓ |
+| Proactive security advisories | — | ✓ |
+| Onboarding & integration assistance | — | ✓ |
+
+### Enterprise Connectors (MCP Servers)
+
+| Attribute | Community | Enterprise |
+| :------------------------------------------ | :---------: | :----------------------------------: |
+| Base image | Open source | Chainguard or equivalent |
+| Signing & attestations | — | SigStore signed with SLSA provenance |
+| Customized tools (tuned to agent workflows) | — | ✓ |
+| Streamable HTTP transport | — | ✓ |
+| SBOM & dependency vetting | — | ✓ |
+| Qualified for target workload | — | ✓ |
+| Maintained on enterprise release cadence | — | ✓ |
+| Backported security patches | — | ✓ |
+
+Seen enough to want a closer look? [Schedule a demo](#schedule-a-demo) to walk
+through the capabilities that matter most to your team.
+
+---
+
+## Product offerings
+
+Stacklok aims to keep pricing and licensing simple. Stacklok Enterprise and its
+Enterprise Connectors are licensed as an annual subscription. Professional
+services are priced based on time and materials.
+
+| SKU | Description | Pricing Model |
+| :------------------------------- | :----------------------------------------------------------------------------------------------------------------------------- | :---------------------------------: |
+| **Stacklok Enterprise Platform** | Enterprise licensed distribution of ToolHive with Cloud UI, Desktop UI, IdP integration, policy engine, and SLA-backed support | Annual subscription |
+| **Enterprise Connectors** | Production-ready connectors, maintained on enterprise release cadence | Annual subscription (per connector) |
+| **Professional Services** | Extended integration, policy configuration, additional IdP onboarding, connector development | Time & materials |
+
+Ready to discuss what the right package looks like for your organization?
+[Schedule a demo](#schedule-a-demo) to talk through your requirements.
+
+---
+
+## Enterprise Platform Components
+
+Stacklok Enterprise Platform secures MCP servers across your organization
+through its registry, runtime, gateway, and portal.
+
+### Registry: No more fighting shadow AI
+
+| The source of truth for approved MCP servers within the enterprise. |
+| :----------------------------------------------------------------------- |
+| Integrate with the official MCP registry |
+| Add custom MCP servers and skills |
+| Group servers based on role or use case |
+| Manage your registry with an API-driven interface |
+| Verify provenance and sign servers with built-in security controls |
+| Preset configurations and permissions for a frictionless user experience |
+
+### Runtime: Kubernetes-native deployment
+
+| Deploy, run, and manage MCP servers in Kubernetes with security guardrails. |
+| :-------------------------------------------------------------------------- |
+| Deploy MCP servers in the cloud via Kubernetes |
+| Run MCP servers locally via Docker or Podman |
+| Proxy remote MCP servers securely for unified management |
+| Kubernetes Operator for fleet and resource management |
+| Leverage OpenTelemetry for centralized monitoring and audit logging |
+
+### Gateway: Single endpoint, full control
+
+| Intelligent MCP gateway for authentication, authorization, and policy enforcement. |
+| :--------------------------------------------------------------------------------------- |
+| Integrate with your IdP for SSO (OIDC/OAuth compatible) |
+| Build composite tools that orchestrate multiple tools in parallel or sequential chains |
+| Customize and filter tools and descriptions |
+| Reduce context bloat and token usage |
+| Connect with local clients like Claude Desktop, Cursor, and Visual Studio Code (VS Code) |
+
+### Portal: Self-service with guardrails
+
+| Custom UI for teams to discover, deploy and manage approved MCP servers. |
+| :----------------------------------------------------------------------- |
+| Cross-platform desktop app and web-based cloud UI |
+| Make it easy for admins to curate MCP servers and tools |
+| Automate server discovery |
+| Install MCP servers with a single click |
+| Compatible with hundreds of AI clients |
+
+Ready to see how the platform works in your environment?
+[Start a proof of concept](#validate-stacklok-enterprise-in-your-environment) to
+take the next step.
+
+---
+
+## Validate Stacklok Enterprise in your environment
+
+Stacklok helps you validate Stacklok Enterprise in your environment at your pace
+with forward-deployed engineering support.
+
+
+
+---
+
+## Frequently asked questions
+
+
+How does Stacklok Enterprise relate to ToolHive Community?
+
+ToolHive Community is an open source distribution optimized for individual
+developers and pre-production use, making it the right tool for evaluating MCP
+and building a proof of concept. Stacklok Enterprise is a separate, hardened
+distribution built for production: semantically versioned, with IdP integration,
+centralized governance, and SLA-backed support. Moving from Community to
+Enterprise is a supported migration where Stacklok provides the enterprise
+binaries and dedicated engineering support to take you from proof of concept to
+production.
+[See the full comparison](#toolhive-community-vs-stacklok-enterprise) or
+[learn about the proof of concept engagement](#validate-stacklok-enterprise-in-your-environment).
+
+
+
+
+What happens to my data if I end my Enterprise contract?
+
+Your data never leaves your environment. Stacklok Enterprise is fully
+self-hosted: you retain complete control over your data and infrastructure,
+regardless of contract status. If you end your subscription, you can downgrade
+to the open-source version at any time. The only things you lose are access to
+Enterprise features, forward-deployed engineers, backported security patches,
+and dedicated support. There is zero vendor lock-in.
+[Learn more about the product offerings](#product-offerings).
+
+
+
+
+How long does a typical deployment take?
+
+Most customers begin to see value in less than 2 weeks of contract signing.
+Stacklok works directly with your platform team, and every Enterprise license
+includes dedicated engineering support throughout the process. You will need an
+existing Kubernetes environment to get started. Timelines are scoped to your
+environment, so if your situation is more complex, Stacklok will work at your
+pace.
+[Learn about the proof of concept engagement](#validate-stacklok-enterprise-in-your-environment).
+
+
+
+
+Why should I use an MCP platform instead of running MCP servers directly?
+
+Running MCP servers directly gives you no isolation, no access controls, and no
+visibility into what those servers are doing. Stacklok Enterprise addresses this
+by running each server in its own container with least-privilege permissions,
+encrypting credentials at rest, and tracing every tool call via OpenTelemetry.
+Stacklok Enterprise adds centralized governance, IdP-backed authentication, and
+audit logging for teams running MCP at scale across their organization.
+[Explore the core concepts](../concepts) to dig deeper into how ToolHive works.
+
+
+
+
+What AI clients work with Stacklok Enterprise?
+
+Stacklok Enterprise works with any AI coding assistant or agent that supports
+MCP. This includes Claude Code, GitHub Copilot, Cursor, Windsurf, VS Code, Zed,
+Cline, Continue, Roo Code, Goose, LM Studio, OpenAI Codex, and many more. Most
+clients support automatic configuration so developers can connect without manual
+setup.
+[See the full client compatibility reference](../reference/client-compatibility)
+for the complete list.
+
+
+
+
+Can I run custom MCP servers outside the Stacklok registry?
+
+Yes. Stacklok Enterprise starts with a base registry of vetted, hardened MCP
+servers maintained by Stacklok. From there, you have full control to add your
+own servers from public package managers, Docker images, remote URLs, or build a
+private registry tailored to your organization. You are never limited to
+Stacklok's catalog.
+[See how to run MCP servers in Kubernetes](../guides-k8s/run-mcp-k8s) for the
+full details.
+
+
+
+---
+
+## Explore ToolHive Community
+
+:::tip[Not ready for Stacklok Enterprise yet?]
+
+ToolHive Community is free, open source, and the best way to evaluate MCP before
+moving to production.
+
+[Get started with ToolHive Community →](/toolhive)
+
+:::
diff --git a/docusaurus.config.ts b/docusaurus.config.ts
index 36b3c5be..5172580d 100644
--- a/docusaurus.config.ts
+++ b/docusaurus.config.ts
@@ -292,7 +292,7 @@ const config: Config = {
position: 'left',
},
{
- href: 'https://stacklok.com/platform/',
+ to: '/toolhive/enterprise',
label: 'Enterprise',
position: 'left',
},
diff --git a/sidebars.ts b/sidebars.ts
index e1f929d0..2f32f2d7 100644
--- a/sidebars.ts
+++ b/sidebars.ts
@@ -279,6 +279,7 @@ const sidebars: SidebarsConfig = {
items: [{ type: 'autogenerated', dirName: 'toolhive/guides-mcp' }],
},
+ 'toolhive/enterprise/index',
'toolhive/reference/client-compatibility',
'toolhive/reference/index',
'toolhive/faq',
diff --git a/src/components/HubSpotForm/index.tsx b/src/components/HubSpotForm/index.tsx
new file mode 100644
index 00000000..b51e50d1
--- /dev/null
+++ b/src/components/HubSpotForm/index.tsx
@@ -0,0 +1,119 @@
+// SPDX-FileCopyrightText: Copyright 2025 Stacklok, Inc.
+// SPDX-License-Identifier: Apache-2.0
+
+import React, { useEffect, useRef, useState } from 'react';
+
+interface HubSpotFormProps {
+ portalId: string;
+ formId: string;
+ region: string;
+ instanceId: string;
+ title?: string;
+ subtitle?: string;
+ anchorId?: string;
+}
+
+const SCRIPT_SRC = '//js-na2.hsforms.net/forms/embed/v2.js';
+
+export default function HubSpotForm({
+ portalId,
+ formId,
+ region,
+ instanceId,
+ title,
+ subtitle,
+ anchorId,
+}: HubSpotFormProps): React.ReactElement {
+ const containerRef = useRef(null);
+ const [submitted, setSubmitted] = useState(false);
+ const targetId = `hubspot-form-${instanceId}`;
+
+ useEffect(() => {
+ if (!containerRef.current) return;
+
+ const init = () => {
+ window['hbspt'].forms.create({
+ portalId,
+ formId,
+ region,
+ target: `#${targetId}`,
+ onFormSubmitted: () => setSubmitted(true),
+ });
+ };
+
+ if (window['hbspt']) {
+ init();
+ return;
+ }
+
+ const existing = document.querySelector(`script[src="${SCRIPT_SRC}"]`);
+ if (existing) {
+ existing.addEventListener('load', init);
+ return;
+ }
+
+ const script = document.createElement('script');
+ script.src = SCRIPT_SRC;
+ script.charset = 'utf-8';
+ script.type = 'text/javascript';
+ script.addEventListener('load', init);
+ document.body.appendChild(script);
+ }, [portalId, formId, region]);
+
+ const formContent = submitted ? (
+
+ {/* This div is intentionally empty to trigger HubSpot form confirmation message */}
+
+ ) : (
+
+ );
+
+ if (title) {
+ return (
+
+
+
+ {title}
+
+ {subtitle && (
+
+ {subtitle}
+
+ )}
+
+ {formContent}
+
+
+