Skip to main content

Overview

Team-wide settings allow enterprise admins to control Devin CLI usage across their organization.
  • Devin Enterprise admins can manage these settings in the customer-facing Devin dashboard under Settings → Enterprise → Windsurf (app.devin.ai/org/{orgName}/settings/windsurf). This is self-service for admins with access to enterprise settings.
  • Windsurf Enterprise admins can manage these settings in the Windsurf dashboard at https://windsurf.com/team/cli-settings.
Only the Devin CLI-specific settings on these pages apply to Devin CLI. General Windsurf Team Settings apply to Windsurf and do not necessarily apply to Devin CLI unless also listed on the Devin CLI settings page.

Available Settings

Models

Control which models your users can access through Devin CLI. You can:
  • Whitelist specific models — Restrict users to a curated list of approved models
  • Allow all models — Give users access to all available models
Click Configure to manage model access for each category.

Default model

You can also pin a team-wide default model that Devin CLI will use for new sessions. This is the same setting Windsurf uses for its default model, so configuring it once applies to both surfaces.
  • If no team default is set, Devin CLI uses its built-in default model.
  • If the pinned default is not present in the allowed models list above, Devin CLI falls back to the built-in default — the allowlist always takes precedence.
  • Individual users can still switch models during a session; this setting only controls the starting model for new sessions.
Enterprise admins can configure the default model from the Windsurf Team Settings page, the Devin CLI Settings page, or the customer-facing Devin Enterprise settings page at app.devin.ai/org/{orgName}/settings/windsurf. Allow the Devin CLI agent to perform web searches on the open Internet. This does not affect the agent’s ability to read specific URLs, which is performed locally on the user’s machine. This tool is disabled by default for enterprise teams.

MCP Servers

Control whether your users can use MCP (Model Context Protocol) tools.
  • Toggle on/off — Enable or disable MCP server usage entirely
  • Whitelisted MCP Servers — Specify which MCP servers users are allowed to connect to. If no servers are added, all servers are whitelisted by default. Click Add Server to restrict access to specific servers.
The recommended way to manage approved servers is through an MCP registry rather than the explicit whitelist.

MCP Registry

You can use the official MCP registry, a downstream registry built on it, or your own registry. Configure registries in team settings:
  • MCP registry URLs — Add one or more registry URLs. With multiple registries, a server is allowed if it appears in any of them (the union of all registries).
  • MCP registry enforcement (toggle) — Choose whether to strictly enforce your registries. When on, users can only connect to servers from your registries; when off, they can also connect to other servers, including custom ones.

Terminal Permissions

Configure team-enforced permission rules for Devin CLI usage. These rules have the highest precedence and cannot be overridden by individual users’ local or project configurations. Click Configure to open the permissions editor. The configuration requires a JSON object with three fields:
{
  "deny": [
    "exec"
  ],
  "ask": [],
  "allow": [
    "Read(~/my-repository/**)"
  ]
}
  • deny — Actions that are blocked entirely (takes highest priority)
  • ask — Actions that always prompt the user for approval
  • allow — Actions that are automatically approved without prompting
Permissions can be scope-based or tool-based:
TypeFormatExample
File readRead(/path)Read(~/sensitive/**)
File writeWrite(/path)Write(.env*)
Command executionExec(cmd)Exec(rm), Exec(sudo)
HTTP fetchFetch(url)Fetch(https://internal.api/*)
Tool-basedTool nameread, edit, exec
Use team-enforced deny rules to prevent actions across your entire organization, such as blocking access to sensitive directories or dangerous commands like rm -rf or sudo.
For detailed information on permission syntax, glob patterns, and configuration examples, see the Permissions documentation.

Sandbox Enforcement

Control sandbox behavior for your organization: Enforcement mode (whether --sandbox is Optional or Required for all CLI sessions), Domain allowlist and Domain denylist (organization-wide network filtering), and Excluded allow / Excluded ask / Excluded deny (rules for commands that may — or must never — run outside the sandbox). See the Sandbox documentation for how the sandbox works, how these settings interact with user-level configuration, and examples.

Show “Install Devin CLI” in the Devin Desktop Command Palette

Devin CLI is bundled with Devin Desktop but requires explicit activation by an admin. Toggle this setting on to allow your users to install Devin CLI directly from the Devin Desktop Command Palette. Once enabled, users can open the Command Palette (Cmd+Shift+P on macOS or Ctrl+Shift+P on Windows/Linux) and run Install Devin CLI to add the devin binary to their PATH.
This setting is available on Legacy Windsurf Enterprise and Devin Enterprise plans and is off by default.

Further Reading

To understand how to configure Devin CLI further, see the Configuration documentation.