Model Access Controls
Decide which models and providers your organization is allowed to use, and turn data-handling requirements into enforced allowlists.
Model access controls are part of MegaBrain Enterprise. They live on the org Providers & Models page and let admins narrow MegaBrain's default catalog down to exactly what your organization permits.
Auto-routing override
By default MegaBrain auto-routes requests to a suitable model. Enterprise admins can override this so routing stays within the providers and models you have allowed, instead of the full catalog.
Models tab
The Models tab lets you disable specific models. New models from providers you have enabled are allowed by default, so the catalog stays current without re-approving each release — while anything you have explicitly disabled stays off.
Providers tab
The Providers tab is where you enable providers and review how each one handles data. Every provider carries data-handling badges such as Retains prompts and Trains, and you can filter by:
- •Trains — whether the provider may train on your prompts
- •Retains-prompts — whether the provider stores prompt data
- •Provider location — for example, EU-based providers
Enforcing EU-only and no-training policies
These filters are how policy becomes enforcement. Allowlist only EU-located providers to keep traffic in-region, or exclude any provider that trains on prompts to satisfy a no-training requirement. Once set, the allowlist applies org-wide. See /eu and /security-and-compliance for more on how MegaBrain supports these requirements.