The Organisation Settings page at /settings/org/settings is where you flip features on and off for everyone in your org. There is no global save; every toggle commits immediately when clicked.
Layout
Three cards, stacked:
- Chat & AI Capabilities: what users can do inside a conversation
- Shell & MCP Access: isolated shell containers and Model Context Protocol servers
- User Management: shortcuts into the Members and Teams pages (documented separately in Users and teams)
Each toggle in cards 1 and 2 shows its current state (On or Off), a description, and an Enable/Disable button. Some toggles carry a small badge or a lock icon. See Platform overrides below.
Chat & AI Capabilities
| Toggle | What it controls |
|---|---|
| Web Search | Whether users can ask the model to search the web for real-time information during a conversation |
| File Attachments | Whether users can attach PDFs, images, and other documents to messages for the model to analyse |
| Code Execution | Whether the model is allowed to write and run code inside shell containers to complete a task |
| Cloud Agents | Whether users can dispatch long-running autonomous agents and build automated workflows |
All four default to on for a new org. Turning one off hides the corresponding UI affordance in chat (for example, disabling Web Search removes the globe button from the composer) and refuses the equivalent API path.
Shell & MCP Access
| Toggle | What it controls |
|---|---|
| Shell Access | Whether members get isolated shell containers. Required for Code Execution and any MCP tool that uses the shell |
| MCP Servers | Whether users can add and call Model Context Protocol servers from inside their shell |
| User-submitted MCP Requests | Whether users can request a new MCP server that isn't already in the approved registry |
User-submitted MCP requests are reviewed by a platform admin before activation. Turning the toggle on does not auto-approve anything; it only opens the request form to users in your org.
Platform overrides
Some toggles can be disabled platform-wide by the PrivateMind platform team. When that happens the toggle:
- shows in a dimmed, locked state
- displays the message "Disabled platform-wide by administrator"
- refuses the Enable click
You cannot re-enable a platform-overridden feature from this page. If a feature you need is locked off, contact support.
The override is one-way: platform admins can disable but not force-enable. Your local Off state still wins over a platform-wide On state.
MCP Settings (separate page)
There is a related but distinct page at /settings/org/mcp-settings for finer-grained Model Context Protocol controls. It lists:
- Platform MCPs: services managed by the PrivateMind platform team and exposed to your org. Per-MCP toggles are marked "Coming soon" today; the page lists what is available but enforcement is a follow-up.
- User-pasted web MCPs: a single toggle controlling whether users in your org can paste arbitrary external MCP URLs as sources. Off by default. The platform's host blacklist still applies on top of whatever you set here.
What is not on this page
- Org name, display name, description, logo. These come from your subscription record and are edited by your PrivateMind account contact, not in the app.
- SSO configuration. Allowed email domains, IdP endpoints, and SAML metadata are configured outside the app, at the identity provider and platform layer.
- Data residency. Where your data is stored depends on where your org was provisioned. Changing residency requires re-provisioning and is handled by support.
- Subscription details. Tier, billing cycle, user limit, storage limit, and feature access are visible on the Overview page but are managed by the PrivateMind platform team.
If you expected to find any of these on this page and don't, that is by design. They are platform-level rather than org-admin-level controls.
Where next
- Users and teams: manage members and team groupings
- Audit logs: every toggle flip is logged with who and when
- Budgets and limits: metering and spend controls for the org
