Allowed models and providers inherited from org or team policy.
Access
Model list
Scope
Org + key
Policy
Enforced
Default
Enabled
All models available unless restricted.
Override
Model blocked
Specific model disabled for a key.
Policy
Parent enforced
Child scope cannot relax access.
New capabilities
Choose which models and providers are available by default, so teams build on an approved set instead of every model the providers happen to expose.
Override the default for a specific team, user, or key — open up a model for one workload, or block one that's too expensive or not approved for sensitive data.
Enforce model access at the organization or team level so a child key can't enable a restricted model on its own.
Who Concentrate is designed for
Model access controls define which slugs and provider paths a scope may use. Security sets the default at the organization; teams and keys inherit or narrow it; parent-enforced policy stops a production key from enabling a model that was never approved.
Block unaudited or overly expensive models from sensitive workloads.
Publish an approved model list once instead of policing every repo for ad-hoc provider calls.
Allow a pilot model for one key while the rest of the org stays on the default list.
Attach access policy to Universal API keys so each app inherits the right model list automatically.
Feature basics