Aroha for Enterprise
Bounded authority for your
agent fleet — inside your boundary
The Aroha protocol and SDKs are open source and free forever. Enterprise adds the three things a production agent program needs and shouldn't build itself: managed infrastructure, governed identity, and the compliance envelope your procurement team requires — deployable inside your own cloud.
The problem we solve
When your agents act autonomously — spending, sending, deleting, delegating to sub-agents and to other companies' agents — nothing in OAuth, API keys, or rate limits was built to bound them. Aroha gives every action a cryptographically enforced ceiling and a signed receipt, so a runaway loop or a prompt injection exhausts a bounded allowance instead of your credit card, and every action traces to a human authorization.
What an Enterprise agreement includes
Available now ships today·Roadmap committed roadmap, available to design-partner customers
Managed infrastructure
We run the operational surface so your team doesn't have to. Everything here is self-hostable under MIT if you prefer — you're paying us to operate it, not to unlock it.
- Available nowHosted Agent Registry with an SLA (discovery, keys, reputation)
- Available nowHosted agents — deploy from Studio, we serve them
- Available nowContent-addressed manifest hosting (IPFS gateway)
- Available nowElevated rate & usage limits above the community tier
- RoadmapPrivate, single-tenant registry instance
Identity & access governance
API keys are free for everyone. What enterprise buys is governed, accountable, org-scoped access.
- Available nowOrg-scoped API key issuance, rotation, and revocation
- Available nowPer-key and per-agent audit of every action
- RoadmapSAML SSO
- RoadmapSCIM directory sync (auto-provision / deprovision)
- RoadmapRole-based access control across team members
The compliance & trust envelope
The part free users can't replicate — and the reason most enterprises engage.
- Available nowTamper-evident audit trail: every mandate, delegation, and action carries a signed receipt
- Available nowGDPR data-processing guidance (published)
- Available nowFinancial-regulation guidance for agent spending (published)
- Roadmap30 / 90-day audit-log retention tiers
- RoadmapSOC 2 Type I — controls underway, audit targeted H1 2027
- RoadmapConformance certification for your own agents
Deployment inside your boundary
For regulated buyers who cannot use shared infrastructure at all.
- Available nowShared managed cloud (default)
- RoadmapPrivate cloud / dedicated VPC deployment
- RoadmapOn-premise deployment of the full open-source stack
- RoadmapCustom SLA up to 99.99%, dedicated support channel, named onboarding
How engagement works
Scoping call
We map your agent architecture to the three chokepoints Aroha governs, and identify which of the above you actually need — most teams need less than they expect.
Design-partner pilot
A scoped pilot on a real workload, with hands-on integration support. Early enterprise customers help set the roadmap and the pricing.
Agreement
Custom terms, SLA, deployment model, and retention — invoiced directly. Security questionnaire responses and architecture docs available on request.
Open protocol
MIT-licensed spec and SDKs. No lock-in — self-host the whole stack if you leave.
Auditable claims
Every guarantee mapped to the code that enforces it and the test that proves it.
Security posture
Threat model, compliance roadmap, and questionnaire responses on request.
Start a conversation
Tell us what your agents do and where they act. We'll tell you honestly which parts of Aroha you need today and which can wait.
contact@aroha-labs.com