Settings reference
Every setting you can configure as an administrator, in one place. Use this page to find a setting fast, see where it lives, who can change it, and which plan unlocks it — then jump to the step-by-step guide when you need to actually change it.
Your goal: know what’s tunable, where to find it, and what each setting does — without hunting through the app.
Before you start
Section titled “Before you start”- An admin role. Organization-wide settings live under Settings and are visible only to administrators. If you see personal preferences but no org-wide Settings sections, you don’t have admin access yet — see Users and roles.
- Know your plan. Some settings (single sign-on, your own domain, branding, changing the model) only appear on certain plans. If a setting is missing, the most common reasons are plan or role — both are covered in the troubleshooting note at the end.
How settings are organized
Section titled “How settings are organized”Settings fall into three scopes. Knowing the scope tells you who’s affected when you change something.
| Scope | Affects | Typical owner |
|---|---|---|
| Organization (tenant-wide) | Everyone in your org — branding, SSO, governance defaults, plan, usage limits | Tenant Admin (or higher) |
| Project | Everyone working in a specific project — knowledge, project members, project-level access | Project Admin / Project Owner |
| Personal | Just you — theme, language, your own consent choices | Every user |
This page focuses on organization settings, since those are what an administrator configures. Personal preferences are self-service and need no admin action.
Organization settings
Section titled “Organization settings”Identity & sign-in
Section titled “Identity & sign-in”| Setting | Where | Who can change | Plan | What it does |
|---|---|---|---|---|
| Single sign-on (SSO) | Settings → connect your identity provider | Tenant Admin | Business and above | Let your people sign in with your company identity provider (Okta, Microsoft Entra ID, Auth0, Frontegg) over OpenID Connect. See Connect your identity provider. |
| SSO domain mapping | Set up during SSO connection | Tenant Admin | Business and above | Route users at your email domain to your provider automatically at sign-in. |
| Tenant provisioning mode | Arranged with your account team | SUPERWISE + Tenant Admin | All | Controls whether new organizations are admitted automatically or invite-only. Invite-only is the recommended production setting. See Connect your identity provider. |
Users, roles & access
Section titled “Users, roles & access”| Setting | Where | Who can change | Plan | What it does |
|---|---|---|---|---|
| Role assignments | Settings → users / members | Tenant Admin (admin tier) | All | Assign each person a role (Viewer, Member, Project Owner, Tenant Admin, and so on). You can only assign roles below your own. See Users and roles. |
| Governance Manager role | Assigned like any role | Tenant Admin | All | Grants read-only oversight — view the safety record and export audit data — without the ability to change settings. Ideal for compliance and security reviewers. |
| Assistant access | Assistants area → an assistant’s access settings | Project Admin / Tenant Admin | All | Decide which people or groups can use each assistant. Restricted assistants don’t appear for users outside the group. |
| Member invitations | Settings → members | Tenant Admin | All | Invite people into your organization (or manage this through your identity provider once SSO is connected). |
Model & assistants
Section titled “Model & assistants”| Setting | Where | Who can change | Plan | What it does |
|---|---|---|---|---|
| Default model | Settings → Model Configuration | Tenant Admin | Business and above | Choose the model your org’s assistants use. The SUPERWISE Private Model is always the secure default; on the right plan you can route to an external provider you have a contract with. See Model access and tiers. |
| Custom assistants | Assistants area | Project Admin / Tenant Admin | All (count varies by plan) | Add and manage assistants up to your plan’s allowance. The Business Assistant is included on every plan and never counts against the allowance. |
| Business Assistant | Assistants area (read-only) | Managed for you | All | The included, locked, ready-on-day-one assistant. You can’t edit or remove it — that’s intentional. |
Plan, usage & limits
Section titled “Plan, usage & limits”| Setting | Where | Who can change | Plan | What it does |
|---|---|---|---|---|
| Plan | Settings → Plan (with your account team) | Tenant Admin + account team | All | Your subscription tier — sets the ceiling on custom assistants, monthly usage, datasets, and which admin features are switched on. To raise the ceiling, change the plan. |
| Monthly usage allowance | Settings → Usage | Tenant Admin + account team | All | Your org’s pooled monthly AI usage. The plan sets the ceiling; your account team can adjust limits at any time. |
| Usage limits (per user / per project) | Settings → Usage | Tenant Admin | All | Cap consumption for individuals or projects so no single user or team can exhaust the shared allowance. |
| Token Usage (view) | Settings → Token Usage | Every user (own); admins (org) | All | See consumption. Each person sees their own; admins see the organization view. This is a view, not a control. |
Branding & domain
Section titled “Branding & domain”| Setting | Where | Who can change | Plan | What it does |
|---|---|---|---|---|
| Display name | Settings → Branding | Tenant Admin | Business Plus / Enterprise | The org name shown in the header and on the sign-in screen. |
| Logo | Settings → Branding | Tenant Admin | Business Plus / Enterprise | Your logo in the header and on the login page (PNG/SVG, transparent background). |
| Accent color | Settings → Branding | Tenant Admin | Business Plus / Enterprise | A single hex color used for buttons, links, and highlights, in both light and dark mode. |
| Custom domain | Settings → Branding → Custom domain | Tenant Admin + your IT team | Business Plus / Enterprise | Reach Chat at an address you own (e.g. chat.yourcompany.com). Needs a DNS record and a TLS certificate from IT. See Branding and custom domain. |
Governance, safety & privacy
Section titled “Governance, safety & privacy”| Setting | Where | Who can change | Plan | What it does |
|---|---|---|---|---|
| Safety profiles (guardrails) | Settings → Governance | Tenant Admin | All | Choose which safety profiles apply to your assistants. Every message is reviewed for safety before processing and before the reply reaches a user. See Governance and policy. |
| Consent defaults | Settings → Governance | Tenant Admin | All | Set your org’s defaults for optional processing activities (e.g. memory extraction, document indexing). Essential activities can’t be turned off, by design. |
| External tool approvals | Settings → Governance | Tenant Admin | All | Web search and other external lookups require approval and run only against an allowed list — so nothing reaches the open internet without your sign-off. |
| Oversight access | Assign the Governance Manager role | Tenant Admin | All | Give compliance/security reviewers read-only visibility into the safety record and audit exports. |
Data retention
Section titled “Data retention”Retention determines how long different kinds of data are kept. Most defaults are fixed; conversation retention is the one customers can adjust.
| Data | Default kept | Configurable? |
|---|---|---|
| Conversations | Indefinite (with an inactivity cleanup horizon) | Yes — tenant-configurable. Talk to your account team to set a retention window that matches your policy. |
| Memory entries | Until you delete them | Removed on explicit delete |
| Activity / usage logs | A rolling recent window | Fixed |
| Audit records (role changes, settings changes, safety decisions) | Retained for compliance | Fixed — and settings-change history is permanent and can’t be deleted, even by an administrator |
| Sign-in sessions | Short-lived | Fixed — expire automatically |
Personal settings (self-service — no admin action needed)
Section titled “Personal settings (self-service — no admin action needed)”These belong to each user and don’t require an administrator:
| Setting | Where | What it does |
|---|---|---|
| Theme | Personal preferences | Light or dark mode, per person. |
| Language | Personal preferences | Interface language. |
| My consent choices | Personal preferences / privacy | Each user grants or revokes optional processing for themselves; essential activities can’t be revoked. |
| My response speed | Per message, in the composer | Interactive / Thinking / Research / Thought Partner, chosen before sending. |
Worked example: standing up a new organization
Section titled “Worked example: standing up a new organization”A 200-person company is rolling out Chat on Business Plus. Here’s the order an admin works through the settings on this page:
- Identity — connect SSO and map the company email domain, so everyone signs in through the corporate identity provider. (Identity & sign-in)
- Roles — assign a couple of Tenant Admins, give the compliance lead the Governance Manager role for oversight, and let SSO group membership handle the rest. (Users, roles & access)
- Branding — set the display name, logo, and accent color so the app feels
in-house, and request the
chat.company.comdomain for IT to wire up. (Branding & domain) - Governance — confirm safety profiles, set consent defaults, and confirm external tool approvals match policy. (Governance, safety & privacy)
- Model & usage — keep assistants on the SUPERWISE Private Model, add the two custom assistants the business needs, and set a per-user usage limit so no single person drains the pooled allowance. (Model & assistants · Plan, usage & limits)
- Retention — agree a conversation-retention window with the account team to match the company’s data policy. (Data retention)
Everything else — themes, languages, personal consent — is self-service and needs no admin action.
Troubleshooting
Section titled “Troubleshooting”A setting I expect isn’t showing up. The two usual causes are plan and role:
- Plan. SSO, branding, custom domain, and model switching are unlocked only on certain plans. If a section is locked or absent, check what your plan includes in Model access and tiers, or ask your account team.
- Role. Organization-wide Settings sections are visible only to administrators. If you see personal preferences but no org settings, you don’t have a sufficient admin role — see Users and roles.
I can change some settings but not others. Roles are layered. A Project Admin can manage assistants and project access but may not see tenant-wide controls like branding or SSO, which require a Tenant Admin. Ask whoever holds the Tenant Admin role, or have them raise yours.
I want to change something that says “fixed” or “with your account team.” A few settings — your plan ceiling, the monthly allowance, conversation-retention windows, and tenant provisioning — are set with your account team rather than self-served in the app. Reach out to them; changes take effect for your term.
A safety control has no off switch. That’s intended. Message safety review and a small set of essential processing activities are always on, by design. You control which profiles apply and who has oversight, not whether safety runs at all. See Governance and policy.
Related pages
Section titled “Related pages”- Admin quickstart — the ordered checklist for your first week
- Users and roles — who can change what
- Model access and tiers — what each plan unlocks
- Governance and policy — safety, consent, and oversight in depth