Enterprise Docs Page

docs/toolhive/enterprise/index.mdx

@@ -0,0 +1,336 @@
+---
+title: Stacklok Enterprise
+description: Stacklok Enterprise offerings for ToolHive
+hide_title: false
+---
+
+import HubSpotForm from '@site/src/components/HubSpotForm';
+
+<h2>A hardened and production-ready distribution of ToolHive Community</h2>
+Securely scale MCP servers across your enterprise with Stacklok Enterprise's
+signed binaries, hardened images, formal semantic versioning, backported
+security patches, and turnkey identity provider integrations. Kubernetes native
+and LLM agnostic. Self-hosted in your environment, governed by your policies, no
+vendor lock-in.
+<HubSpotForm
+  anchorId='schedule-a-demo'
+  title='Schedule a Demo'
+  subtitle='See how teams go from evaluation to production in under 60 days'
+  portalId='42544743'
+  formId='9e42c0ba-c41b-4d22-bacc-86d75854da06'
+  region='na2'
+  instanceId='demo-cta'
+/>
+
+---
+
+<p className='text--center'>
+  Running in production at major financial services, technology, and software
+  companies, <br />
+  including Fortune 500 and Global 2000 enterprises
+</p>
+
+---
+
+## When Community isn't enough
+
+Teams typically move to Stacklok Enterprise when they hit one of these walls:
+
+<ul className='stacklok-icon-list'>
+  <li>
+    Developers are bringing their own MCP servers to work — shadow AI is
+    spreading and there is no central control
+  </li>
+  <li>
+    Your organization has multiple coding assistants and AI agents that need
+    access to business context
+  </li>
+  <li>
+    Your security or compliance team is asking how MCP servers are
+    authenticated, audited, and patched
+  </li>
+  <li>
+    You need SSO and IdP integration (Okta, Entra ID) across your organization
+  </li>
+  <li>
+    You are running MCP in production and need SLA-backed support for incidents
+  </li>
+  <li>
+    You need centralized governance and policy enforcement across multiple teams
+    or business units
+  </li>
+  <li>
+    Your environment requires a semantically versioned, supply-chain-attested
+    distribution rather than continuous rolling release
+  </li>
+</ul>
+
+Recognizing these challenges in your organization?
+[Schedule a demo](#schedule-a-demo) to see how Stacklok Enterprise addresses
+them.
+
+---
+
+## ToolHive Community vs. Stacklok Enterprise
+
+### Distribution & packaging
+
+| Capability                                                | Community  |                 Enterprise                 |
+| :-------------------------------------------------------- | :--------: | :----------------------------------------: |
+| ToolHive core platform                                    |     ✓      |                     ✓                      |
+| Release model                                             | Continuous | Semantically versioned (MAJOR.MINOR.PATCH) |
+| SigStore Cosign package signing with SBOM                 |     ✓      |                     ✓                      |
+| Patch versions retained for bugfixes and security updates |     —      |                     ✓                      |
+| Scanning attestations                                     |     —      |                     ✓                      |
+| SLSA build provenance                                     |     —      |                     ✓                      |
+
+### Security and supply chain
+
+| Capability                                               | Community | Enterprise |
+| :------------------------------------------------------- | :-------: | :--------: |
+| Basic scanning (Trivy, unit tests, integration tests)    |     ✓     |     ✓      |
+| Static analysis on every release (attested via SigStore) |     —     |     ✓      |
+| Autonomous pen testing on every minor release            |     —     |     ✓      |
+| Hardened container base images (Chainguard or equiv.)    |     —     |     ✓      |
+| Proactive notification of vulnerabilities                |     —     |     ✓      |
+| CVEs addressed within SLO with responsible disclosure    |     —     |     ✓      |
+| All Sev 0–3 vulnerabilities backported as patch updates  |     —     |     ✓      |
+
+### Auth, identity & governance
+
+| Capability                                            | Community | Enterprise |
+| :---------------------------------------------------- | :-------: | :--------: |
+| Basic authentication                                  |     ✓     |     ✓      |
+| Policy-as-code engine (CEDAR)                         |     ✓     |     ✓      |
+| Audit logging & compliance reporting                  |     ✓     |     ✓      |
+| Built-in IdP integration (Okta, Entra ID)             |     —     |     ✓      |
+| IdP group → ToolHive role mapping                     |     —     |     ✓      |
+| Canonical policy packs (read-only, full CRUD, custom) |     —     |     ✓      |
+| Token exchange & credential brokering                 |     —     |     ✓      |
+
+### Enterprise UI & management
+
+| Capability                                         | Community | Enterprise |
+| :------------------------------------------------- | :-------: | :--------: |
+| ToolHive CLI                                       |     ✓     |     ✓      |
+| Usage telemetry & analytics (OpenTelemetry)        |     ✓     |     ✓      |
+| Enterprise MCP registry server and catalog         |     ✓     |     ✓      |
+| Enterprise Cloud UI (full CRUD management console) |     —     |     ✓      |
+| Hardened Desktop UI (enterprise lockdown controls) |     —     |     ✓      |
+
+### Versioning, maintenance & support
+
+| Capability                                     | Community | Enterprise |
+| :--------------------------------------------- | :-------: | :--------: |
+| Latest release                                 |     ✓     |     ✓      |
+| Supported versions: LATEST, LATEST-1, LATEST-2 |     —     |     ✓      |
+| Community support (GitHub)                     |     ✓     |     ✓      |
+| Dedicated support with SLA                     |     —     |     ✓      |
+| Proactive security advisories                  |     —     |     ✓      |
+| Onboarding & integration assistance            |     —     |     ✓      |
+
+### Enterprise Connectors (MCP Servers)
+
+| Attribute                                   |  Community  |              Enterprise              |
+| :------------------------------------------ | :---------: | :----------------------------------: |
+| Base image                                  | Open source |       Chainguard or equivalent       |
+| Signing & attestations                      |      —      | SigStore signed with SLSA provenance |
+| Customized tools (tuned to agent workflows) |      —      |                  ✓                   |
+| Streamable HTTP transport                   |      —      |                  ✓                   |
+| SBOM & dependency vetting                   |      —      |                  ✓                   |
+| Qualified for target workload               |      —      |                  ✓                   |
+| Maintained on enterprise release cadence    |      —      |                  ✓                   |
+| Backported security patches                 |      —      |                  ✓                   |
+
+Seen enough to want a closer look? [Schedule a demo](#schedule-a-demo) to walk
+through the capabilities that matter most to your team.
+
+---
+
+## Product offerings
+
+Stacklok aims to keep pricing and licensing simple. Stacklok Enterprise and its
+Enterprise Connectors are licensed as an annual subscription. Professional
+services are priced based on time and materials.
+
+| SKU                              | Description                                                                                                                    |            Pricing Model            |
+| :------------------------------- | :----------------------------------------------------------------------------------------------------------------------------- | :---------------------------------: |
+| **Stacklok Enterprise Platform** | Enterprise licensed distribution of ToolHive with Cloud UI, Desktop UI, IdP integration, policy engine, and SLA-backed support |         Annual subscription         |
+| **Enterprise Connectors**        | Production-ready connectors, maintained on enterprise release cadence                                                          | Annual subscription (per connector) |
+| **Professional Services**        | Extended integration, policy configuration, additional IdP onboarding, connector development                                   |          Time & materials           |
+
+Ready to discuss what the right package looks like for your organization?
+[Schedule a demo](#schedule-a-demo) to talk through your requirements.
+
+---
+
+## Enterprise Platform Components
+
+Stacklok Enterprise Platform secures MCP servers across your organization
+through its registry, runtime, gateway, and portal.
+
+### Registry: No more fighting shadow AI
+
+| The source of truth for approved MCP servers within the enterprise.      |
+| :----------------------------------------------------------------------- |
+| Integrate with the official MCP registry                                 |
+| Add custom MCP servers and skills                                        |
+| Group servers based on role or use case                                  |
+| Manage your registry with an API-driven interface                        |
+| Verify provenance and sign servers with built-in security controls       |
+| Preset configurations and permissions for a frictionless user experience |
+
+### Runtime: Kubernetes-native deployment
+
+| Deploy, run, and manage MCP servers in Kubernetes with security guardrails. |
+| :-------------------------------------------------------------------------- |
+| Deploy MCP servers in the cloud via Kubernetes                              |
+| Run MCP servers locally via Docker or Podman                                |
+| Proxy remote MCP servers securely for unified management                    |
+| Kubernetes Operator for fleet and resource management                       |
+| Leverage OpenTelemetry for centralized monitoring and audit logging         |
+
+### Gateway: Single endpoint, full control
+
+| Intelligent MCP gateway for authentication, authorization, and policy enforcement.       |
+| :--------------------------------------------------------------------------------------- |
+| Integrate with your IdP for SSO (OIDC/OAuth compatible)                                  |
+| Build composite tools that orchestrate multiple tools in parallel or sequential chains   |
+| Customize and filter tools and descriptions                                              |
+| Reduce context bloat and token usage                                                     |
+| Connect with local clients like Claude Desktop, Cursor, and Visual Studio Code (VS Code) |
+
+### Portal: Self-service with guardrails
+
+| Custom UI for teams to discover, deploy and manage approved MCP servers. |
+| :----------------------------------------------------------------------- |
+| Cross-platform desktop app and web-based cloud UI                        |
+| Make it easy for admins to curate MCP servers and tools                  |
+| Automate server discovery                                                |
+| Install MCP servers with a single click                                  |
+| Compatible with hundreds of AI clients                                   |
+
+Ready to see how the platform works in your environment?
+[Start a proof of concept](#validate-stacklok-enterprise-in-your-environment) to
+take the next step.
+
+---
+
+## Validate Stacklok Enterprise in your environment
+
+Stacklok helps you validate Stacklok Enterprise in your environment at your pace
+with forward-deployed engineering support.
+
+<HubSpotForm
+  title='Learn about the proof of concept'
+  subtitle='Scoped to your environment. Hands-on support throughout.'
+  portalId='42544743'
+  formId='9e42c0ba-c41b-4d22-bacc-86d75854da06'
+  region='na2'
+  instanceId='poc-cta'
+/>
+
+---
+
+## Frequently asked questions
+
+<details>
+<summary>How does Stacklok Enterprise relate to ToolHive Community?</summary>
+
+ToolHive Community is an open source distribution optimized for individual
+developers and pre-production use, making it the right tool for evaluating MCP
+and building a proof of concept. Stacklok Enterprise is a separate, hardened
+distribution built for production: semantically versioned, with IdP integration,
+centralized governance, and SLA-backed support. Moving from Community to
+Enterprise is a supported migration where Stacklok provides the enterprise
+binaries and dedicated engineering support to take you from proof of concept to
+production.
+[See the full comparison](#toolhive-community-vs-stacklok-enterprise) or
+[learn about the proof of concept engagement](#validate-stacklok-enterprise-in-your-environment).
+
+</details>
+
+<details>
+<summary>What happens to my data if I end my Enterprise contract?</summary>
+
+Your data never leaves your environment. Stacklok Enterprise is fully
+self-hosted: you retain complete control over your data and infrastructure,
+regardless of contract status. If you end your subscription, you can downgrade
+to the open-source version at any time. The only things you lose are access to
+Enterprise features, forward-deployed engineers, backported security patches,
+and dedicated support. There is zero vendor lock-in.
+[Learn more about the product offerings](#product-offerings).
+
+</details>
+
+<details>
+<summary>How long does a typical deployment take?</summary>
+
+Most customers begin to see value in less than 2 weeks of contract signing.
+Stacklok works directly with your platform team, and every Enterprise license
+includes dedicated engineering support throughout the process. You will need an
+existing Kubernetes environment to get started. Timelines are scoped to your
+environment, so if your situation is more complex, Stacklok will work at your
+pace.
+[Learn about the proof of concept engagement](#validate-stacklok-enterprise-in-your-environment).
+
+</details>
+
+<details>
+<summary>Why should I use an MCP platform instead of running MCP servers directly?</summary>
+
+Running MCP servers directly gives you no isolation, no access controls, and no
+visibility into what those servers are doing. Stacklok Enterprise addresses this
+by running each server in its own container with least-privilege permissions,
+encrypting credentials at rest, and tracing every tool call via OpenTelemetry.
+Stacklok Enterprise adds centralized governance, IdP-backed authentication, and
+audit logging for teams running MCP at scale across their organization.
+[Explore the core concepts](../concepts) to dig deeper into how ToolHive works.
+
+</details>
+
+<details>
+<summary>What AI clients work with Stacklok Enterprise?</summary>
+
+Stacklok Enterprise works with any AI coding assistant or agent that supports
+MCP. This includes Claude Code, GitHub Copilot, Cursor, Windsurf, VS Code, Zed,
+Cline, Continue, Roo Code, Goose, LM Studio, OpenAI Codex, and many more. Most
+clients support automatic configuration so developers can connect without manual
+setup.
+[See the full client compatibility reference](../reference/client-compatibility)
+for the complete list.
+
+</details>
+
+<details>
+<summary>Can I run custom MCP servers outside the Stacklok registry?</summary>
+
+Yes. Stacklok Enterprise starts with a base registry of vetted, hardened MCP
+servers maintained by Stacklok. From there, you have full control to add your
+own servers from public package managers, Docker images, remote URLs, or build a
+private registry tailored to your organization. You are never limited to
+Stacklok's catalog.
+[See how to run MCP servers in Kubernetes](../guides-k8s/run-mcp-k8s) for the
+full details.
+
+</details>
+
+<details>
+<summary>Is Stacklok Enterprise available on AWS or Azure Marketplace?</summary>
+
+[Get in touch](#schedule-a-demo) to share your use case.
+
+</details>
+
+---
+
+## Explore ToolHive Community
+
+:::tip[Not ready for Stacklok Enterprise yet?]
+
+ToolHive Community is free, open source, and the best way to evaluate MCP before
+moving to production.
+
+[Get started with ToolHive Community →](/toolhive)
+
+:::

docusaurus.config.ts

@@ -292,7 +292,7 @@ const config: Config = {
           position: 'left',
         },
         {
-          href: 'https://stacklok.com/platform/',
+          to: '/toolhive/enterprise',
           label: 'Enterprise',
           position: 'left',
         },

sidebars.ts

@@ -279,6 +279,7 @@ const sidebars: SidebarsConfig = {
       items: [{ type: 'autogenerated', dirName: 'toolhive/guides-mcp' }],
     },
 
+    'toolhive/enterprise/index',
     'toolhive/reference/client-compatibility',
     'toolhive/reference/index',
     'toolhive/faq',