Orchestre

Appearance

/add-enterprise-feature

Add enterprise-grade features with proper architecture, security, and scalability considerations.

Overview

  • Purpose: Enterprise feature implementation
  • Category: Specialized Commands
  • Type: Dynamic prompt
  • MCP Tools: Multiple (orchestrated implementation)

Syntax

bash
/add-enterprise-feature [feature-type] [requirements]

Usage Examples

bash
# Single Sign-On
/add-enterprise-feature sso "SAML 2.0 support"

# Audit logging
/add-enterprise-feature audit-log "Complete activity tracking"

# Advanced RBAC
/add-enterprise-feature rbac "Department-based permissions"

# Data encryption
/add-enterprise-feature encryption "At-rest and in-transit"

Enterprise Features

Authentication & Security

  • Single Sign-On (SSO)
  • Multi-factor authentication
  • Advanced RBAC
  • Session management
  • IP whitelisting

Compliance & Auditing

  • Audit logging
  • Data retention policies
  • GDPR compliance
  • SOC2 requirements
  • Export controls

Integration & APIs

  • REST/GraphQL APIs
  • Webhooks
  • Event streaming
  • ETL pipelines
  • Third-party integrations

Management & Operations

  • Admin dashboards
  • Monitoring/alerting
  • Backup/restore
  • Multi-tenancy
  • White-labeling

Output Example 

🏢 Adding Enterprise Feature: SSO with SAML 2.0

## Implementation Plan

### Phase 1: Foundation
```bash
/execute-task "Install SAML dependencies and configure"
/execute-task "Create SSO provider abstraction layer"
/execute-task "Implement SAML metadata endpoints"

Phase 2: Provider Integration

bash
/execute-task "Add Okta integration"
/execute-task "Add Azure AD integration"
/execute-task "Add Google Workspace support"

Phase 3: User Management

bash
/execute-task "Implement JIT provisioning"
/execute-task "Add user attribute mapping"
/execute-task "Create SSO session management"

Phase 4: Security & Compliance

bash
/security-audit sso
/execute-task "Add SSO audit logging"
/execute-task "Implement SSO-specific rate limiting"

Components Created

1. SSO Provider Service

typescript
interface SSOProvider {
  name: string
  type: 'saml' | 'oidc'
  configure(config: ProviderConfig): void
  authenticate(request: SSORequest): Promise<SSOResponse>
  getUserAttributes(token: string): Promise<UserAttributes>
}

2. SAML Endpoints

  • GET /sso/metadata - SP metadata
  • POST /sso/acs - Assertion Consumer Service
  • GET /sso/sls - Single Logout Service
  • GET /sso/login/:provider - Initiate SSO

3. Configuration Schema

typescript
{
  providers: [{
    id: 'okta',
    type: 'saml',
    enabled: true,
    config: {
      entityId: 'https://app.example.com',
      ssoUrl: 'https://company.okta.com/sso',
      certificate: '...',
      attributeMapping: {
        email: 'user.email',
        name: 'user.displayName'
      }
    }
  }]
}

4. Security Measures

  • Certificate validation
  • Signature verification
  • Replay attack prevention
  • Session binding
  • Encrypted assertions

Best Practices Applied

✅ Provider abstraction for flexibility ✅ Comprehensive audit logging ✅ Error handling with fallback ✅ Performance optimization ✅ Security-first implementation


## Implementation Patterns

### Security First
- Threat modeling
- Security review
- Penetration testing
- Compliance check

### Scalability Built-in
- Horizontal scaling
- Caching strategy
- Database optimization
- Load testing

### Enterprise Integration
- Standard protocols
- Flexible configuration
- Multiple providers
- Fallback mechanisms

## Best Practices

### 1. Plan Thoroughly
```bash
/add-enterprise-feature sso --plan-only
# Review plan
/add-enterprise-feature sso --execute

2. Test Extensively

  • Unit tests
  • Integration tests
  • Load tests
  • Security tests

3. Document Everything

  • Architecture decisions
  • Configuration guide
  • Troubleshooting guide
  • API documentation

Common Enterprise Features

SSO Implementation

bash
/add-enterprise-feature sso "SAML and OIDC support"

Audit System

bash
/add-enterprise-feature audit "SOC2 compliant logging"

Advanced RBAC

bash
/add-enterprise-feature rbac "Attribute-based access control"

Data Encryption

bash
/add-enterprise-feature encryption "FIPS 140-2 compliant"

Prompt Adaptation

This prompt dynamically adapts based on:

Context Discovery

  • Existing Architecture: Analyzes current security models, authentication systems, and infrastructure
  • Compliance Requirements: Detects industry standards (HIPAA, SOC2, GDPR) from project context
  • Scale Factors: Understands current user base and growth projections
  • Technology Stack: Adapts recommendations to your specific tech choices

Intelligence Patterns

  • Discovers existing enterprise patterns before suggesting new ones
  • Adapts security recommendations to your threat model
  • Scales implementation complexity based on team size
  • Prioritizes based on your business model

Memory Integration

This prompt actively uses and updates distributed memory:

Reads From

  • CLAUDE.md - Project overview and business context
  • docs/architecture/CLAUDE.md - Technical decisions
  • src/auth/CLAUDE.md - Authentication patterns
  • .orchestre/patterns/security.md - Security implementations

Updates

  • docs/enterprise/CLAUDE.md - Enterprise feature documentation
  • src/[feature]/CLAUDE.md - Feature-specific context
  • .orchestre/compliance/[standard].md - Compliance tracking
  • CLAUDE.md - Adds enterprise capabilities summary

Memory Evolution

  • Each enterprise feature adds to the knowledge base
  • Security decisions accumulate for consistency
  • Compliance requirements build comprehensive coverage
  • Performance optimizations are documented for reuse

Integration

With Security

bash
/add-enterprise-feature sso
/security-audit --enterprise

With Performance

bash
/add-enterprise-feature "high-volume-api"
/performance-check --load-test

Direct Invocation

This is a dynamic prompt that Claude executes directly - no file installation needed:

bash
# Simply type the command
/add-enterprise-feature SSO

# Claude will:
# 1. Analyze your current authentication system
# 2. Research SSO providers and standards
# 3. Create implementation plan
# 4. Execute with security best practices
# 5. Update all relevant CLAUDE.md files

Built with ❤️ for the AI Coding community, by Praney Behl

Copyright © 2025 Orchestre