| I think that site pretty much nails it, especially SSO (depending on what you're doing you probably want LDAP, SAML and OIDC/OAuth2) and audit logs. It misses a couple of other nice to have differentiators, though: The ability to pay by invoice to their purchasing department (you probably want to insist people do this upfront and yearly and not monthly, to avoid the pain of chasing people). Plenty of enterprises won't be able to buy your product without this. Some decent consideration given to self-service (which RBAC might cover, but best to be explicit), by which I mean that you can delegate admin control such that you don't need to put in tickets with the team that runs the system in order to get changes made to its configuration. (Example: GitHub enterprise let's you set up multiple orgs, so you can give each dept. or team an org to do what they like with.) If you put some thought into granular permissions from the beginning (in the GitHub case, for example giving away perms to create repos, but not allowing that user to change how auth works for the org, for example) you will avoid pain later. APIs. Dependent on product, but ideally design your UI so that it is backed by an API that lets me do everything programmatically, so I can drive your product with other integrations via we hooks, or GitOps, or whatever else I want to do. |