17 min read

Superhuman Docs for Enterprise: Admin guide

Unlock enhanced customizability for administration, security, provisioning, and beyond.

Learn to manage users, customize workflows, and integrate other tools to drive success in your organization. In this guide, we'll walk you through everything you need to know to get started with Superhuman Docs for Enterprise, and the best practices for setting up Superhuman Docs for your organization based on your internal security policies.
You'll get...
  • How to provision users in your workspace
  • How to manage workspace and sharing settings
buttons
You'll use...
  • Organization settings
  • Workspace settings
  • Admin API

1. Understanding admin types on Enterprise

Superhuman Docs offers a few types of admin roles for our customers to manage both the workspace and the organization. Workspace admins are available across all tiers, and they're responsible for managing users/roles in the workspace, AI usage, and billing. They can be business owners or IT admins, and would need to be Doc Makers. Org admin is short for organization admin. To understand what an org admin is, it’s helpful to first know what an “organization” is within Superhuman Docs. You can think of an organization as the top of the hierarchy for Enterprise customers. Within the organization, we have workspaces, within workspaces we have folders, within folders we have docs, and so on. We also have additional admin roles that will allow your team to have control over specific areas and not full admin control. These are org Packs admins and workspace content admins. Org Pack admins can approve Pack requests and manage Pack usage in the organization. Workspace content admins' abilities include updating doc and folder permissions, managing public docs, transferring doc ownership, and moving and deleting docs. An organization is an Enterprise-only feature, and org admins have control over all workspaces within their organization. Org admins are typically IT admins/ chief information security officers (CISO) who are responsible for managing the overall security and compliance of an organization's use of SaaS tools. They can set security policies to govern how users can authenticate with Superhuman Docs, how docs can be shared, how Packs can be used, and more. Below is a quick overview of what workspace and org admins can do. Tip: For more details on what workspace and org admins are, read our help article here.

Accessing org settings

To access organization settings, navigate to https://docs.superhuman.com. In the top left corner, click on Admin settings. The policies set in org settings will apply to all workspaces within the organization.

Set up authentication and SSO

As an Enterprise org admin, you can manage how members of your organization authenticate and log in. This is the first step in deploying Superhuman Docs across your organization, and allows you to have a greater degree of control and security over your org.
Superhuman Docs offers many sign-in options as described here, and you can enable any of the sign-in options shown under Security > Authentication > Authentication methods. Single Sign-On (SSO) is a popular authentication method that’s available to our Enterprise customers, and it allows users to access multiple applications with a single set of credentials. Superhuman Docs offers SSO integration with popular identity providers that support SAML 2.0 such as Okta, Microsoft Azure, JumpCloud, Google, and more, making it easy for org admins to manage user access and enhance security. You can set up SSO for your organization by following the instructions on this article. We recommend that you turn off other sign-in options once you’ve set up SSO. That way, users have a standardized way of signing into Superhuman Docs, reducing the risk of unauthorized access or security vulnerabilities.
Sign-in Option Note
Once you’ve enabled SSO or specific sign-in option, all users from your owned domain will be required to authenticate using that sign-in option, and everyone else will need to be explicitly invited to the workspace. You can see your owned domains under Organization settings > Domain and Access.

2. User provisioning

As an org admin, you can provision and de-provision users and groups in Superhuman Docs programmatically from your identity management provider using SCIM. This means that when a new user is added to or removed from the identity provider, they can be automatically provisioned or de-provisioned in Superhuman Docs. Learn more about how to provision users here. Note: You only pay for Doc Makers. Editors are free. If you have user groups configured in your identity provider, you can also sync user groups to Superhuman Docs via SCIM for easy policy configuration and seamless sharing of docs or folders among org members. Learn how to push SCIM groups to Superhuman Docs. If your organization uses Google Groups, you can go to Admin settings > Members > Groups, and enable Allow sharing with Google Groups. Doing so will allow org members to use their OAuth credentials to sync and share docs or folders with Google Groups.

Assign roles and manage members

Once you’ve configured authentication methods and set up provisioning, you can now manage members and their roles on Superhuman Docs. We have three types of roles:
  1. Doc Maker
  2. Doc Maker (Admin)
  3. Editor
Doc Makers and Doc Maker (Admin) can create docs and pages, and are paid licenses. Doc Maker (Admin)s, aka workspace admins, keep your docs and workspace organized. Editors simply interact with the data within a doc, and are free. Learn more about what Doc Makers and editors can do here. To manage who can automatically join your workspace, and the way editors become Doc Makers, navigate to https://docs.superhuman.com and find your workspace in the left panel. Then go to Admin settings > Membership policies. If you scroll down to the bottom of the page, you’ll see a section to add Auto-join email domains. When anyone with an email address from these domains joins Superhuman Docs, they will automatically join your workspace as an Editor. Note: You only pay for Doc Makers on Superhuman Docs. Editors are free. To have more control over who gets to be a Doc Maker, scroll up to the Managing new Doc Makers section. You can either change the setting here to 7-day grace period or to Manual. You can learn more about these three options here. Next, you can see all the workspace members and manage their roles from Workspace Members > Members and roles. Here you can see a Members table which is a list of users in your workspace, their roles, analytics like the date they joined, last active date, and docs to which they contributed. This can help you understand how users in your organization are using Superhuman Docs and manage licenses accordingly. You can manage your license by upgrading editors to Makers or downgrading Makers using the Members table. You can also remove a workspace member that wasn’t provisioned via SCIM from this page. To learn how you can add or remove Doc Makers, see this help article. You can also see an activity log of all the role change events on Admin settings > Members > Member activity.
Note on moving Makers to Editors
Downgrading a Doc Maker to an Editor will cause the docs they created to become read-only. They will have to request Doc Maker access for their docs to become editable again - or transfer ownership of their docs to another Doc Maker in the workspace.

3. Set sharing policies and manage docs

To start, jump back to Admin settings > Security > Workspace assignment. Disable the option to Allow users to create new workspaces if you want all org members to create docs and collaborate within a single workspace, providing full administrative oversight.
If you expect your organization to require separate workspace for different teams, for billing or privacy reasons, you can enable Allow users to create new workspaces.
Head back to Security > Sharing Controls to configure Sharing controls for policies on sharing docs, forms, and Packs outside your organization.
If your organization collaborates with external users and share docs publicly, we offer a dashboard that shows all publicly shared docs under Admin Settings > Sharing controls > Manage Public docs. You can mitigate risk by taking action on any sensitive doc that was accidentally shared too broadly. You can learn more about sharing rules and how to manage publicly shared docs here. Additionally, you can view and manage all the docs created by users in your organization by navigating to Organization settings > Org docs > Manage all docs. You can use this dashboard to analyze user activity, view analytics, and take actions like changing share settings or transferring docs.
Admin privileges
If you are the central IT / CISO team responsible for managing Superhuman Docs, and want to have admin privileges to access any doc (including the ones that aren’t shared directly with you) from the org docs dashboard, please contact us.

Optional custom Enterprise policies

Superhuman Docs offers many other custom policies / settings on our Enterprise plan, such as the following:
  • The inbound sharing policy allows you to configure whether your employees can access docs owned by external organizations.
  • The publishing policy allows you to configure whether your employees can publish docs on Superhuman Docs.
  • The shared folder creation policy allows you to configure whether your employees can create shared folders, which make docs accessible to all workspace users.
  • The data export policy allows you to control whether your employees can export docs.
  • The file uploads policy allows you to configure whether your employees can upload files (such as PDFs, CSVs, and JPGs) into Superhuman Docs.
  • Session duration allows you to set a limit on the duration of your employees’ sessions.
If you’re interested in configuring one or more of the following, please contact us or reach out to your Customer Success Manager.

4. Deactivating users and doc transfers

If you have SCIM enabled, users provisioned via SCIM will be automatically deactivated from Superhuman Docs when they’re deactivated in your Identity management provider. When a Doc Maker is deactivated, their docs immediately become read-only and cannot be used for collaboration by other members of your organization. As an org admin, you can easily manage deactivated users and transfer their docs to new owners from Admin settings > Content > Docs transfers. Go to the docs owned by deactivated users tab and transfer all their docs to a new owner.
Workspace members can also request org admins for a doc to be transferred to them. You can find and triage all doc transfer requests from organization settings. In some cases, you may want to transfer different docs to different users. Superhuman Docs also allows you to transfer specific docs to individual users. You can learn more about how to transfer docs owned by deactivated users here.
Remove non-organization members from workspaces
Some users may be invited to your workspace but may not belong to your organization. These users will not appear in the org members list on in the deactivated members list. To permanently remove a workspace member that isn’t part of your organization, you should remove and off-board them manually from Workspace settings. Learn more about off-boarding members here.

5. Access management

Manage access to Packs

Packs are powerful building blocks that connect Superhuman Docs to the SaaS apps you use every day, like Jira, Salesforce, or Asana, and often require additional authentication. Read more about the security of Packs here. To have additional control over who can use specific Packs, enable admin approval for Packs usage in Admin settings > Packs > Packs approvals. You can then review each user’s request to use a Packs and approve or deny access based on your organization’s policies. Learn more about Packs approvals and management here. If your organization has bespoke security requirements, or if you want to pre-configure Pack access to specific users/groups, you can create custom configurations for Packs using JSON configs, offering advanced control similar to AWS’ IAM configs for maximum flexibility. You can create JSON configs to restrict who can access Packs, what functionality of the Packs (OAuth scopes, buttons, etc.) can be accessed and even configure DLP-like policies to control how docs containing data from specific sensitive Packs are shared within Superhuman Docs.

Manage access to Superhuman Docs AI

Every Doc Maker in your workspace is given a large number of AI credits that can help them save time and work smarter. To view and manage Docs AI usage across your workspace, navigate to https://docs.superhuman.com, click on your workspace name in the left panel, and select Admin settings > AI > AI usage. Here, you can view Docs AI usage by Doc Maker and by doc.
You can also see the date your credits next refresh, set varying daily caps, and more. Learn more about managing AI usage here.

6. Admin Packs and API

Lastly, Enterprise org admins can use the Superhuman Docs Admin API to have programmatic access to administrative reports and capabilities within Superhuman Docs.

Audit events

An application of the Admin API is to audit user activities performed within your organization. You can gain insight into the following:
  • Docs have been created or shared
  • Packs have been added or requested
  • Users have interacted with Superhuman Docs
  • Workspace changes were made
  • Folders were created or updated
  • Role changes occurred, and more!
You can learn more about what user activities can be audited here.

DLP and e-discovery integration

You can also use the Admin API to integrate with a DLP or e-discovery tool your company may use. You can export the whole doc into a PDF, HTML, or markdown. Or, use the page API to get text-based output suitable for a search index.

Superhuman Docs Admin Pack

Superhuman Docs also provides Enterprise org admins with an Admin Pack that acts like a UI layer to the Admin API, and gives admins realtime information on users, docs, folders, Packs, and activity in your organization. The Pack allows you to view all of this info and make changes - right from a Superhuman Doc. Learn more about when to use the Admin Pack.

Now what?

You've covered the essentials of setting up and managing Superhuman Docs for your organization. Here are a couple of good next steps:

Was this helpful?

YesNo