Administrators assign roles to users based on assignments and responsibilities. Set these roles in the application or map them from your identity provider if you have SSO integration enabled.

The available roles are:

SysAdmin - Administers instance with full administrative access.
ProjectManager - Manages organizations and project tags.
SupportStaff - Manages compute-related functionality.
Practitioner - Uses compute and file storage.
ReadOnlySupportStaff - Views compute related configuration.
Librarian - Manages project library.

A user with no roles is called a Lite User or, in some contexts, a Results Consumer. Lite Users have restricted feature access and might have a different licensing status.

By default, all new users are assigned the Practitioner role. You can change this with central configuration options.

When multiple roles are assigned to a user, permissions are additive. To grant users roles, you must be a SysAdmin.

In the Admin application, click Users.
Search for the username to whom you want to grant permissions.
Click Edit and select the roles.
Click Save.

Project Overview Actions

Permission	Practitioner	SysAdmin	SupportStaff	ReadOnlySupportStaff	Librarian
Create Project	X
View Project List	X	X	X	X	X
Fork Project	X
Archive Project	X	X	X

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

Create Project

View Project List

Fork Project

Archive Project

File Actions

Permission	Practitioner	SysAdmin	SupportStaff	ReadOnlySupportStaff
List and View Files	X	X	X	X
Edit Files	X
Upload Files	X

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

List and View Files

Edit Files

Upload Files

Workspace Actions

Permission	Practitioner	SysAdmin	SupportStaff	ReadOnlySupportStaff	Librarian
Start Workspace	X
Stop Workspace	X	X	X
Open Workspace	X
View Workspace History	X	X	X	X	X
Archive Workspace	X	X

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

Start Workspace

Stop Workspace

Open Workspace

View Workspace History

Archive Workspace

Job Actions

Permission	Practitioner	SysAdmin	SupportStaff
Start Job	X		X
Stop Job	X	X	X
View Job History	X	X	X
Create Scheduled Job	X
Edit Scheduled Job	X	X
Delete Scheduled Job	X	X

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

Start Job

Stop Job

View Job History

Create Scheduled Job

Edit Scheduled Job

Delete Scheduled Job

Project Settings Actions

Permission	Practitioner	SysAdmin	SupportStaff	ReadOnlySupportStaff	Librarian
View Project Settings	X	X	X	X	X
Edit Project Settings	X	X	X		X

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

View Project Settings

Edit Project Settings

Model API Actions

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

Create Model API

Be a Model API "Owner"

Be a Model API "Editor"

Be a Model API "Viewer"

App Actions

Permission	Practitioner	SysAdmin	SupportStaff
Publish or Start App	X
Stop App	X	X	X
View App	X	X	X

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

Publish or Start App

Stop App

View App

Launcher Actions

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

View Launchers

Create or Edit Launcher

Delete Launcher

Run Launcher

Dataset Actions

See Dataset permissions for more inofrmation.

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

Create Dataset

Mount/Unmount Dataset

Delete Dataset Snapshot

Environment Actions

Note

Permission	Practitioner	SysAdmin	SupportStaff	ReadOnlySupportStaff
List and View Environment	X	X	X	X
Create Environment	X	X	X
Edit Environment	X	X	X

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

List and View Environment

Create Environment

Edit Environment

Administrator Actions

	Permission	Practitioner	SysAdmin	SupportStaff	ReadOnlySupportStaff
Librarian	View Admin UI		X	X	X
	Edit Settings in Admin UI		X

Permission

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

View Admin UI

Edit Settings in Admin UI

Organization Actions

Permission	Lite User	Practitioner	SysAdmin	SupportStaff	ReadOnlySupportStaff	Librarian	Limited Admin
Create Organizations	X	X	X	X	X		X
Organization Owner Can Add/Remove Members To/From the Organization	X	X	X	X	X	X	X
Organization Owner Can Make Another User an Owner of the Organization	X	X	X	X	X	X	X
Add/Remove Members To/From Any Organization			X
Can Make Another User an Owner of Any Organization			X
Select Hardware Tiers Available to Members of the Organization			X				X

Permission

Lite User

Practitioner

SysAdmin

SupportStaff

ReadOnlySupportStaff

Librarian

Limited Admin

License Reviewer

Create Organizations

Organization Owner Can Add/Remove Members To/From the Organization

Organization Owner Can Make Another User an Owner of the Organization

Add/Remove Members To/From Any Organization

Can Make Another User an Owner of Any Organization

Select Hardware Tiers Available to Members of the Organization

Note

About the Project Manager Role

When Project Managers are members of organizations, their role grants them owner-level access to all projects that are owned by other members of the organizations. This allows the Project Manager to see these projects and their assets in the Projects Portfolio and Assets Portfolio.

The Project Manager might also have the ability to add users to these organizations, thereby gaining contributor access to those users' projects. For this reason, Project Manager must be treated as a highly privileged role, similar to System Administrator.

Roles

Project Overview Actions

File Actions

Workspace Actions

Job Actions

Project Settings Actions

Model API Actions

App Actions

Launcher Actions

Dataset Actions

Environment Actions

Administrator Actions

Organization Actions

About the Project Manager Role