Set Up an Organization
5 min read
Organizations are the core unit of team management in MCP Hub Platform. They provide shared namespaces for MCP servers, role-based access control, billing management, and security policy enforcement. This tutorial walks you through creating and configuring an organization from scratch.
Before You Begin
You need:
- A running MCP Hub Platform instance (see Quick Start)
- An authenticated user account in the Hub dashboard
Step 1: Create an Organization
Via the Web Dashboard
- Open the Hub dashboard at http://localhost:8080
- Click your avatar or username in the top-right corner
- Select Create Organization
- Fill in the organization details:
| Field | Description | Example |
|---|---|---|
| Name | Unique identifier (lowercase, alphanumeric, hyphens) | acme-corp |
| Display Name | Human-readable name | ACME Corporation |
| Description | Brief description of the organization | MCP servers for ACME internal tools |
- Click Create
You are automatically assigned the Owner role for the new organization.
Naming Conventions
Organization names serve as namespaces for MCP servers. Choose carefully, as the name becomes part of the package identifier:
@acme-corp/[email protected]
^^^^^^^^^
org namespace
Organization names must be:
- Lowercase letters, numbers, and hyphens only
- Between 3 and 40 characters
- Unique across the platform
- Cannot start or end with a hyphen
Step 2: Configure Organization Settings
Navigate to your organization page and open Settings. Key configuration options:
General Settings
- Display Name: Shown in the dashboard and public profiles
- Description: Appears on the organization listing page
- Contact Email: Used for billing and administrative notifications
- Website: Public URL for your organization
Security Defaults
Set default security policies that apply to all MCP servers in the organization:
- Minimum Certification Level: The lowest certification level allowed for execution (0-3)
- Allowed Origins: Which origin types can be used (Official, Verified, Community)
- Auto-Certify on Push: Whether to trigger certification automatically on new pushes
These defaults can be overridden per-server or per-area (see Enforce Security Policies).
Step 3: Invite Team Members
Sending Invitations
- Navigate to your organization > Members
- Click Invite Member
- Enter the member’s email address
- Select a role (see the role table below)
- Click Send Invitation
The invitee receives an email with a link to join the organization. Invitations expire after 7 days.
Bulk Invitations
For larger teams, use the bulk invite feature:
- Click Bulk Invite
- Enter email addresses (one per line) or upload a CSV file
- Select the default role for all invitees
- Click Send All
Role-Based Access Control (RBAC)
MCP Hub Platform provides four organization roles with increasing permissions:
| Role | Description | Key Permissions |
|---|---|---|
| Viewer | Read-only access | View servers, results, and reports |
| Developer | Publish and manage own servers | All Viewer permissions, plus push servers, view analysis results |
| Admin | Manage organization settings | All Developer permissions, plus invite/remove members, configure policies, manage areas |
| Owner | Full control | All Admin permissions, plus delete organization, manage billing, transfer ownership |
Permission Matrix
| Action | Viewer | Developer | Admin | Owner |
|---|---|---|---|---|
| View MCP servers | Yes | Yes | Yes | Yes |
| View analysis results | Yes | Yes | Yes | Yes |
| Push MCP servers | – | Yes | Yes | Yes |
| Trigger certification | – | Yes | Yes | Yes |
| Manage own servers | – | Yes | Yes | Yes |
| Manage all servers | – | – | Yes | Yes |
| Invite members | – | – | Yes | Yes |
| Remove members | – | – | Yes | Yes |
| Configure security policies | – | – | Yes | Yes |
| Manage areas/namespaces | – | – | Yes | Yes |
| Manage billing | – | – | – | Yes |
| Delete organization | – | – | – | Yes |
| Transfer ownership | – | – | – | Yes |
Changing Roles
To change a member’s role:
- Go to Members and find the member
- Click the role dropdown next to their name
- Select the new role
- Confirm the change
Every organization must have at least one Owner. You cannot remove the last Owner or downgrade them to a lower role without first assigning another Owner.
Step 4: Configure Areas and Namespaces
Areas let you organize MCP servers into logical groups within an organization. Think of them as folders or teams within your organization.
Creating Areas
- Navigate to your organization > Areas
- Click Create Area
- Fill in the details:
| Field | Description | Example |
|---|---|---|
| Name | Area identifier | backend-tools |
| Display Name | Human-readable label | Backend Tools Team |
| Description | What this area is for | MCP servers used by the backend team |
Area-Specific Policies
Each area can have its own security policies that override the organization defaults:
Organization Defaults (min cert level: 1)
|
+--- Area: backend-tools (min cert level: 2)
| |
| +--- Server: db-connector (inherits: 2)
| +--- Server: api-gateway (override: 3)
|
+--- Area: frontend-tools (inherits: 1)
|
+--- Server: ui-builder (inherits: 1)
Policy inheritance flows from organization to area to individual server, with each level able to set more restrictive (but not more permissive) policies.
Assigning Servers to Areas
When adding or editing an MCP server, select the area it belongs to. Servers without an area assignment fall under the organization’s default policies.
Step 5: Set Up Billing (Optional)
If your platform uses Stripe-based billing:
- Navigate to your organization > Billing
- Click Set Up Billing
- Enter payment details through the Stripe checkout
- Choose a plan tier
Billing is managed at the organization level. All members share the organization’s plan and usage limits.
Managing Your Organization Day-to-Day
Audit Log
The organization audit log tracks all administrative actions:
- Member invitations and role changes
- Policy modifications
- Server additions and deletions
- Billing changes
Access it via Settings > Audit Log.
Removing Members
- Go to Members
- Find the member and click Remove
- Confirm the removal
Removed members immediately lose access to all organization resources. Their published MCP servers remain in the organization namespace.
Transferring Ownership
To transfer organization ownership:
- Ensure the target member already has the Owner role
- Go to Settings > Transfer Ownership
- Select the new primary owner
- Confirm with your password
Deleting an Organization
Deleting an organization permanently removes all associated MCP servers, areas, member assignments, and certification history. This action cannot be undone.
To delete an organization:
- Go to Settings > Danger Zone
- Click Delete Organization
- Type the organization name to confirm
- Enter your password and confirm
Next Steps
- Enforce Security Policies – Configure policies for your organization
- Publish from GitHub – Connect GitHub repositories to your organization
- Self-Hosted Deployment – Deploy the platform on your own infrastructure