MASK|DocsAPI Reference
Get Started

Enterprise

Advanced security, compliance, and support for organizations that need more control.

SSO / SAML

Enterprise workspaces can enforce single sign-on via SAML 2.0. MASK supports identity providers including Okta, Azure AD, Google Workspace, and OneLogin.

When SSO is enforced, all workspace members must authenticate through your identity provider. Password-based login is disabled for the workspace. Configure SSO from Settings → Security → SSO.

Custom contracts

Enterprise plans are available with annual or multi-year contracts. Custom pricing is based on usage volume, number of workspaces, and required features. Contact sales@mask.pk to discuss your requirements.

Custom invoicing (PO-based billing, net-30/60 terms) is available for qualifying organizations.

Dedicated support

Enterprise customers receive a dedicated account manager and access to a private Slack channel for direct support. Priority response times are guaranteed under your SLA.

Onboarding assistance, migration support, and quarterly business reviews are included at no extra cost.

SLA

Enterprise plans include a 99.99% uptime SLA for link redirects and API endpoints. The SLA covers scheduled and unscheduled downtime, with service credits issued for any violations.

Support response time SLAs are also available: critical issues within 1 hour, high-priority issues within 4 hours, and standard requests within 1 business day.

Custom domains

Enterprise workspaces can connect unlimited custom domains for branded short links. Each domain requires a DNS CNAME record pointing to cname.mask.pk.

SSL certificates are provisioned and renewed automatically. Wildcard domains and subdomain routing are supported.

Advanced permissions

Enterprise workspaces have access to granular role-based permissions beyond the standard Owner, Admin, and Member roles:

  • Billing Admin — manage subscriptions and payment methods without access to links or analytics.
  • Analytics Viewer — read-only access to analytics dashboards.
  • Link Manager — create and edit links without access to billing or workspace settings.
  • Custom Roles — define your own permission sets tailored to your organization's structure.

Audit logs

Every action in an Enterprise workspace is logged with the actor, timestamp, IP address, and details of the change. Audit logs are available in Settings → Security → Audit log.

Logs are retained for 1 year and can be exported as CSV or streamed to your SIEM via the API. Filterable by user, action type, resource, and date range.