LangWatch is open-core. The Apache 2.0 self-hosted floor gives you a single trace store, an append-only event log, persona-aware chrome, a governed CLI flow, and 30-day retention, which is enough to satisfy basic auditability and PII redaction. Going beyond that (multi-source ingestion, multi-class retention, anomaly detection, OCSF/SIEM export, tamper-evidence) requires an Enterprise license. This page is the canonical self-hosted compliance map. Skim it before you commit to a deployment plan; the right tier for your org depends on which mechanisms you actually need on day one.
Pairs with: AI Governance → Compliance architecture. That page documents the underlying substrate; this page narrows it to “what runs in your self-hosted box without buying anything else”.
TL;DR: open-core split
| Capability | Apache 2.0 floor | Enterprise |
|---|---|---|
| Single unified trace store + append-only event_log | ✅ | ✅ |
| Per-project tenancy + RBAC catalog (5 default roles) | ✅ | ✅ |
| Custom roles via CustomRolePermissions | ❌ | ✅ |
| PII redaction at trace ingest (Presidio) | ✅ | ✅ |
| Personal IDE keys + CLI device-flow login | ✅ | ✅ |
| AI Tools Portal at /me (3 tile types, admin catalog) | ✅ | ✅ |
| Routing policies for the AI Gateway | ✅ | ✅ |
| Ingestion sources, otel_generic only, 1 source max | ✅ | ✅ |
| Ingestion sources, multi-source (Workato, S3, Copilot Studio, OpenAI/Anthropic compliance APIs) | ❌ | ✅ |
| Retention, thirty_days | ✅ | ✅ |
| Retention, one_year and seven_years classes | ❌ | ✅ |
| Anomaly Rules, admin-curated detection + dispatch | ❌ | ✅ |
| OCSF/SIEM export (Splunk, Datadog, Sentinel pull API) | ❌ | ✅ |
| Audit log, org-wide cross-team | ❌ | ✅ |
| SCIM provisioning | ❌ | ✅ |
| Tamper-evidence (Merkle-root publication) | ❌ | Enterprise (post-GA follow-up) |
SOC 2 Type II: what self-hosted underwrites
SOC 2 Type II asks for operating-effectiveness evidence over a 6-12 month window that your security controls work as designed. The self-hosted Apache 2.0 floor gives you the controls + the audit-evidence machinery for the common-criteria baseline:

| TSC | Mechanism | Tier |
|---|---|---|
| CC6.1, Logical access | RBAC catalog + per-project tenancy + RoleBinding scopes | Apache 2.0 |
| CC6.6, Logical access (admin) | RBAC ADMIN role + governance:manage + aiTools:manage | Apache 2.0 |
| CC6.7, Termination of access | CLI token revoke on user deactivation (CliTokenRevocationService, Phase 1B-1) | Apache 2.0 |
| CC7.1, Detection | Anomaly rules on activity-event traffic (spend-spike, geo-mismatch, off-hours) | Enterprise |
| CC7.2, Monitoring | Append-only event_log + 30-day retention | Apache 2.0 |
| CC7.2, Monitoring (≥1y) | Per-origin retention TTL with one_year, seven_years classes | Enterprise |
| CC7.4, Incident response | OCSF v1.1 SIEM export with cursor pagination | Enterprise |
| CC8.1, Change management | Per-org settings audit + SCIM provisioning history | Enterprise |
ISO 27001: same shape
ISO 27001 Annex A controls map onto the same self-hosted-vs-Enterprise boundary as SOC 2 above. The Apache 2.0 floor gives you A.5 (policies), A.8 (asset management, tenant boundaries), A.9 (access control), A.12.4 (logging, 30-day window). Anomaly detection (A.12.4 ≥6-month retention), SIEM export (A.16 incident management), and SCIM (A.9.2 user lifecycle) require Enterprise.
GDPR: Art. 32 + Art. 30 mapping
| Article | Mechanism | Tier |
|---|---|---|
| Art. 32(1)(a), pseudonymisation | PII redaction at trace ingest (Presidio) | Apache 2.0 |
| Art. 32(1)(b), confidentiality | Per-org tenancy + Layer-1 cross-org guards | Apache 2.0 |
| Art. 32(1)(d), restoration | Backups (env-configured), trace store replay | Apache 2.0 |
| Art. 30, record of processing | event_log @ 30d retention | Apache 2.0 |
| Art. 30, record of processing (extended) | event_log @ seven_years retention | Enterprise |
| Art. 33, breach notification | Anomaly rule dispatch (Slack, PagerDuty, SIEM webhook, email) | Enterprise |
| Art. 35, DPIA evidence | OCSF/SIEM export bundle | Enterprise |
HIPAA: most uses
HIPAA’s covered-entity vs business-associate split + the §164.312 technical safeguards map cleanly onto the open-core split:
- §164.312(a)(1) Access control: Apache 2.0 RBAC catalog + per-project tenancy
- §164.312(b) Audit controls: Apache 2.0 event_log @ 30d retention
- §164.312(b) ≥6yr retention: Enterprise `seven_years` retention class
- §164.312(c)(1) Integrity: Enterprise tamper-evidence (post-GA follow-up)
- §164.312(d) Authentication: Apache 2.0 SSO (env-configured) + Personal IDE keys
- §164.312(e) Transmission security: Apache 2.0 (TLS at gateway + dataplane)
EU AI Act: Art. 12 logging + Art. 18 record-keeping
The EU AI Act’s high-risk-AI logging requirements (Art. 12) and the provider/deployer record-keeping (Art. 18) map onto:
- Art. 12(1) automatic recording of events: Apache 2.0 unified trace store + 30d retention
- Art. 12(2)(a) period of operation: Apache 2.0 (trace timestamps in event_log)
- Art. 12(2)(b) reference DB used: Apache 2.0 (`gen_ai.system` + `gen_ai.request.model` attrs on each span)
- Art. 12(2)(c) input data check: Apache 2.0 (prompt + tool-call payloads on traces, redacted via Presidio)
- Art. 12(2)(d) human oversight: Enterprise anomaly-rule dispatch (so a person reviews flagged events) + OCSF/SIEM forwarding
- Art. 18(1) record-keeping ≥10y: Enterprise’s 10y retention class (note: shipped as `seven_years` today; the 10y class is on the post-GA roadmap)
What’s intentionally unavailable on Apache 2.0
These are not “limitations” but intentional design boundaries that keep the open-core floor narrow enough to be free-as-in-beer AND free-as-in-speech:
- Anomaly detection + dispatch is Enterprise. The detection is the thing you pay for.
- Multi-class retention is Enterprise. 30 days is sufficient for CC7.2 monitoring + the Art. 30 GDPR processing-records baseline.
- OCSF/SIEM export is Enterprise. Apache 2.0 customers can still pull traces from the trace store via the same query API the dashboard uses; what’s gated is the normalised OCSF event stream with cursor pagination + tenant-isolated read endpoints.
- Custom roles via `CustomRolePermissions` JSON are Enterprise. The default 5-role RBAC catalog (ADMIN, MEMBER, EXTERNAL + per-resource view/manage actions) is Apache 2.0.
- SCIM provisioning is Enterprise. Apache 2.0 customers can still use SSO (Okta, Auth0, Azure AD) for sign-in.
Migrating from Apache 2.0 to Enterprise
There’s no schema migration. Adding an Enterprise license to a running self-hosted deployment unlocks the gated UI surfaces (`<EnterpriseLockedSurface>` flips to render the page content) and removes the router-layer `requireEnterprisePlan` middleware’s 403 and the CLI’s 402 responses for those procedures + endpoints. Existing data (traces, event_log rows, RoleBinding entries, AiToolCatalogEntry rows) is unchanged.
For the upgrade path:
- Provision your Enterprise license (contact sales).
- Set `LANGWATCH_LICENSE` (or equivalent, see your contract) in your self-hosted env.
- Restart the control-plane pod, `pnpm dev` (no migration needed).
- The previously-gated surfaces light up immediately. Existing `<EnterpriseLockedSurface>` wraps detect the plan flip on next page render.
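The layered gating described in this section, as an added illustration written for this page; it is not LangWatch’s own middleware. What it takes from the page: the `LANGWATCH_LICENSE` env var, the 403 (router) vs 402 (CLI) split for gated procedures, and the locked/unlocked flip of `<EnterpriseLockedSurface>`. What is assumed and hypothetical: the `enterprise:<token>` license-string shape, the procedure names in `ENTERPRISE_PROCEDURES`, and the function names. The point a practitioner should take from it is that plan resolution fails closed to the Apache 2.0 floor, the router check is the enforcement point (the UI wrapper is only convenience), and an upgrade re-resolves the plan without touching stored rows.

```typescript
// Added illustration of layered plan gating (UI / tRPC router / CLI).
// NOT LangWatch's code. Hypothetical: the "enterprise:<token>" license
// format, the procedure names below, and the function names.
// From the page: LANGWATCH_LICENSE, 403 (router) vs 402 (CLI), and the
// <EnterpriseLockedSurface> locked/unlocked behaviour.

type Plan = "apache2" | "enterprise";
type Surface = "ui" | "trpc" | "cli";

// Constructed list of gated procedures, mirroring the Enterprise column of
// the open-core table (names are hypothetical).
const ENTERPRISE_PROCEDURES: ReadonlySet<string> = new Set([
  "anomalyRules.list",
  "retention.setClass",
  "export.ocsf",
  "roles.custom.update",
  "scim.provision",
]);

// Resolve the plan from the environment. Fail closed: a missing, empty or
// malformed license always resolves to the Apache 2.0 floor, never Enterprise.
function resolvePlan(env: Record<string, string | undefined>): Plan {
  const license = (env["LANGWATCH_LICENSE"] ?? "").trim();
  const prefix = "enterprise:";
  if (license.startsWith(prefix) && license.length > prefix.length) {
    return "enterprise";
  }
  return "apache2";
}

interface GateResult {
  allowed: boolean;
  status: number; // HTTP-style status the surface would return
  reason?: string;
}

// Router/CLI layer check. Non-gated procedures pass regardless of plan;
// gated ones pass only on Enterprise, otherwise 403 (router) or 402 (CLI).
function requireEnterprisePlan(plan: Plan, surface: Surface, procedure: string): GateResult {
  if (!ENTERPRISE_PROCEDURES.has(procedure) || plan === "enterprise") {
    return { allowed: true, status: 200 };
  }
  return {
    allowed: false,
    status: surface === "cli" ? 402 : 403,
    reason: `${procedure} requires an Enterprise license`,
  };
}

// UI layer: what an <EnterpriseLockedSurface> wrapper would render. This is a
// convenience only; requireEnterprisePlan above is the enforcement point.
function renderLockedSurface(plan: Plan): "content" | "locked" {
  return plan === "enterprise" ? "content" : "locked";
}

// Upgrade path from the page: flipping the license re-resolves the plan and
// leaves stored rows untouched (no migration). The same store object is
// returned to make that explicit.
interface TraceStore { eventLog: string[]; roleBindings: string[] }

function applyLicense(
  env: Record<string, string | undefined>,
  store: TraceStore,
): { plan: Plan; store: TraceStore } {
  return { plan: resolvePlan(env), store };
}

// Stand-alone demo on a constructed environment and a constructed store.
const demoStore: TraceStore = { eventLog: ["trace-1", "trace-2"], roleBindings: ["admin@example"] };
const before = applyLicense({}, demoStore);
const after = applyLicense({ LANGWATCH_LICENSE: "enterprise:EXAMPLE-TOKEN" }, demoStore);
console.log(before.plan, requireEnterprisePlan(before.plan, "cli", "export.ocsf").status); // apache2 402
console.log(after.plan, requireEnterprisePlan(after.plan, "cli", "export.ocsf").status);   // enterprise 200
console.log(after.store === demoStore);                                                    // true
```

Two design choices worth noting: `resolvePlan` treats an empty token (`enterprise:` with nothing after it) as the floor rather than as Enterprise, so a half-configured env never unlocks gated surfaces, and the router check does not consult the UI state at all, so a client that bypasses `<EnterpriseLockedSurface>` still receives the 403/402.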
Where to next
- AI Governance → Compliance architecture: substrate mechanisms underlying the table above
- AI Governance → Open-core licensing: the layered enforcement (UI, tRPC, service, CLI)
- Self-hosting → Security: TLS, env secrets, network boundaries
- Self-hosting → Configuration → SSO: Okta, Auth0, Azure AD wiring