Org Provisioning
Organization Provisioning
Creating a New Org
curl -X POST https://govern-api.ben-c1f.workers.dev/api/govern/orgs/provision \ -H "Authorization: Bearer $AUTH_SECRET" \ -H "Content-Type: application/json" \ -d '{ "name": "Acme Corp", "admin_email": "admin@acme.com", "admin_user_id": "supabase-user-uuid", "plan": "professional" }'What Provisioning Creates
- Organization record in
govern_organizations - Admin member in
govern_org_members(role: admin) - Audit trail entry — provisioning event logged
- API key — returned in the response (show once, store securely)
Plans
| Plan | Systems | Agents | Assessments | Price |
|---|---|---|---|---|
| Starter | 5 | 5 | 10/month | Free |
| Professional | 50 | 50 | Unlimited | $2,500/mo |
| Enterprise | Unlimited | Unlimited | Unlimited | $10,000+/mo |
| Federal | Unlimited | Unlimited | Unlimited | Custom |
Data Isolation
Every table in the GOVERN schema has Row-Level Security (RLS) policies enforcing org isolation. A user can only access data belonging to organizations they are a member of. This is enforced at the database level — not the application level.