FeaturesDiscussionsPreviewSkillsMobileOrchestrationDocs
Theme
Get Started
Sophon Docs
Core Concepts

Tiers — Personal, Pro, Enterprise

Which features are available at each tier, and how tiers are configured.

Sophon ships as one codebase with three tiers — Personal, Pro, and Enterprise. All features exist in the code; tiers enable or disable them via configuration. Moving from Pro to Enterprise is a config change, not a migration.

How tiers are set

A single Tier string in appsettings.json:

{
  "Sophon": {
    "Tier": "Personal"
  }
}

Valid values: Personal, Pro, Enterprise.

  • Self-hosted: you pick the tier directly. Enterprise features (SSO, RBAC, audit, multi-tenancy) require a valid license key.
  • Sophon Cloud (managed): tier is enforced by license validation.

Endpoints and services gate on tier via [RequiresTier(Tier.Pro)] — if the attribute is higher than the configured tier, the endpoint returns 403.

What each tier gives you

Personal — free, local-first

For individual users running Sophon on their own machine.

  • Storage: SQLite, local filesystem
  • Vector search: disabled (keyword search only)
  • Task queue: in-memory bounded channel (capacity 100)
  • Credential vault: local encrypted file
  • Sandbox: Docker + gVisor skills, Playwright browser, Sophon Node
  • Clients: Dashboard, Desktop, Mobile, CLI, DevStudio
  • Channels: all 10 adapters (WebChat, Telegram, Discord, Slack, WhatsApp, Email, Teams, Signal, Matrix, SMS)
  • LLM providers: any — you bring your own API keys
  • MCP: client and server both supported
  • Memory: full user/agent memory with daily logs (no semantic search without a vector DB)
  • Orchestration: full pipeline — planning, approvals, tool filtering, budgets, failover
  • Workflows: visual builder, AI-authored workflows
  • Skills: bundled + installed + self-authored
  • Discussions, Canvas, Claude Code, Tasks, Insights, Cron, Webhooks, Browser, Voice — all available
  • Push notifications: mobile supported if you configure Expo Push credentials
  • Admin: single-user, no RBAC

Missing on Personal: multi-user RBAC, audit logging, tenants, license-gated features, vector similarity, external vault backends, Redis/RabbitMQ-backed queues.

Pro — managed or self-hosted for small teams

Adds shared infrastructure and collaboration.

  • Storage: PostgreSQL 17
  • Vector search: Qdrant (or Milvus / pgvector, configurable)
  • Cache: Redis 7 (optional)
  • Task queue: Redis-backed (roadmap; currently in-memory)
  • Credential vault: local encrypted file (external backends configurable)
  • Shared resources: users in the same team can share workflows, skills, and memory scopes
  • Workflow templates library
  • Everything in Personal

Missing on Pro: tenants, SSO, RBAC, audit, compliance reporting.

Enterprise — full platform

Everything, plus multi-tenancy and compliance controls.

  • Multi-tenancy: tenant-scoped data isolation
  • SSO / OIDC: Azure AD, Okta, Google Workspace, Auth0 (any OIDC provider)
  • RBAC: built-in roles (Admin, Operator, Viewer) + custom roles with granular permissions
  • Audit logging: immutable trail of every action, user, tool call, approval
  • Compliance: retention policies, compliance reports, data export
  • External vault: HashiCorp Vault, AWS Secrets Manager, Azure Key Vault
  • Message bus: RabbitMQ-backed (roadmap; currently in-memory)
  • License enforcement: feature gates via license key
  • Remote access onboarding: device enrollment tickets for operator-managed deployments
  • Approved senders: email allowlist for agent-sent mail
  • Everything in Pro

Feature matrix at a glance

FeaturePersonalProEnterprise
All 10 channels
Full orchestration pipeline
Planning, approvals, budgets
Workflows (visual + AI-authored)
Skills + sandbox
Memory (user + agent)
Sophon Node
Desktop / Mobile / DevStudio
MCP client & server
Documents, Voice, Canvas
Semantic memory (vectors)
PostgreSQL backend
Shared workflows / skills
Multi-tenancy
SSO / OIDC
RBAC + custom roles
Audit logging
External vault backends
Compliance reporting
License enforcement

Upgrading between tiers

Pro → Enterprise is a config change. Everything else moves with the process:

  1. Stop Sophon.
  2. Change "Tier": "Pro" to "Tier": "Enterprise" and add your license key.
  3. Start Sophon. Enterprise-only features appear in the Dashboard automatically.

Personal → Pro requires a real infrastructure change (SQLite → Postgres, Qdrant for vectors). The migration path:

  1. Provision Postgres and Qdrant.
  2. Run sophon db migrate --from-sqlite <path> --to-postgres <conn-string>.
  3. Re-index documents with sophon documents reindex so vector search works.
  4. Update appsettings.json connection strings and tier.

Where to go next

Approval Gates & Risk Levels

How Sophon classifies tool risk, when approvals fire, and how users approve, reject, or edit before the action runs.

Memory

User and agent memory, daily logs, the entity graph, semantic search, and the five memory tools.

On this page

How tiers are setWhat each tier gives youPersonal — free, local-firstPro — managed or self-hosted for small teamsEnterprise — full platformFeature matrix at a glanceUpgrading between tiersWhere to go next