domino logo
About DominoArchitecture
Kubernetes
Cluster RequirementsDomino on EKSDomino Kubernetes Version CompatibilityDomino on GKEDomino on AKSDomino on OpenShiftNVIDIA DGX in DominoDomino in Multi-Tenant Kubernetes ClusterEncryption in Transit
Installation
Installation ProcessConfiguration ReferenceInstaller Configuration ExamplesPrivate or Offline InstallationCustom Certificatesfleetcommand-agent release notes
Azure Deployments
Prepare for InstallationProvision Infrastructure and Runtime EnvironmentDeploy Domino
Google Cloud Deployments
Prepare for InstallationProvision Infrastructure and Runtime EnvironmentDeploy Domino
Amazon Web Services Deployments
Prepare for InstallationProvision Infrastructure and Runtime EnvironmentDeploy Domino
Configuration
Central ConfigurationNotificationsFeature FlagsChange The Default Project For New UsersProject Stage ConfigurationDomino Integration With Atlassian Jira
Compute
Manage Domino Compute ResourcesHardware Tier Best PracticesModel Resource QuotasPersistent Volume ManagementAdding a Node Pool to your Domino ClusterRemove a Node from Service
Keycloak Authentication Service
Operations
Domino Application LoggingDomino MonitoringSizing Infrastructure for Domino
Data Management
Data in DominoData Flow In DominoExternal Data VolumesConfigure Data Source AuthenticationDatasets AdministrationSubmit GDPR Requests
User Management
RolesManage UsersView User InformationRun a User Activity ReportSchedule a User Activity Report
Environments
Environment Management Best PracticesCache Environment Images in EKSImages From Authenticated External Registries
Backup and Restore
Backup StructureBackup LocationCustomize BackupsRun a Manual, On-Demand BackupRestore backups
Control Center
Control Center OverviewExport Control Center Data with The API
Troubleshooting
domino logo
About Domino
Domino Data LabKnowledge BaseData Science BlogTraining
Admin Guide
>
User Management
>
Roles

Roles

You can assign roles to users. These roles can be set manually through the application or they can be mapped in from your identity provider if you have SSO integration enabled.

The available roles are:

  • SysAdmin

  • ProjectManager

  • SupportStaff

  • Practitioner

  • ReadOnlySupportStaff

  • Librarian

A user with no roles is called a Lite User, or in some contexts is called a Results Consumer. Lite Users have restricted feature access, and might have a different licensing status.

A SysAdmin user can grant access roles to other users. To do so, open Users tab of the admin UI. Locate the user you want to grant permissions to, click Edit next to the username, then select the desired role.

Users can have more than one role, and will have the additive permissions of each role.

By default, all new users will be assigned the Practitioner role, but this can be changed with central configuration options.

Project Overview Actions

PermissionLite UserPractitionerSysAdmin

Create Project

X

View Project List

X

X

X

Fork Project

X

Archive Project

X

X

File Actions

PermissionLite UserPractitionerSysAdmin

List and View Files

X

X

X

Edit Files

X

Upload Files

X

Workspace Actions

PermissionLite UserPractitionerSysAdmin

Start Workspace

X

Stop Workspace

X

X

Open Workspace

X

View Workspace History

X

X

X

Archive Workspace

X

X

Job Actions

PermissionLite UserPractitionerSysAdmin

Start Job

X

Stop Job

X

X

View Job History

X

X

X

Create Scheduled Job

X

Edit Scheduled Job

X

X

Delete Scheduled Job

X

X

Project Settings Actions

PermissionLite UserPractitionerSysAdmin

View Project Settings

X

X

Edit Project Settings

X

X

Model API Actions

PermissionLite UserPractitionerSysAdmin

Create Model API

X

Be a Model API "Owner"

X

X

Be a Model API "Editor"

X

X

X

Be a Model API "Viewer"

X

X

Stop a Model Version

X

X

View Model Settings

X

X

Edit Model Settings

X

X

Promote a Model Version to Prod

X

App Actions

PermissionLite UserPractitionerSysAdmin

Publish or Start App

X

Stop App

X

X

View App

X

X

X

Launcher Actions

PermissionLite UserPractitionerSysAdmin

View Launchers

X

X

X

Create or Edit Launcher

X

Delete Launcher

X

Run Launcher

X

X

Dataset Actions

PermissionLite UserPractitionerSysAdmin

Create Dataset

X

Create Dataset Snapshot

X

Mount Dataset

X

View Datasets

X

X

X

Delete Dataset Snapshot

X

Environment Actions

PermissionLite UserPractitionerSysAdmin

List and View Environment

X

X

X

Create Environment

X

X

X

Edit Environment

X

X

X

Administrator Actions

PermissionLite UserPractitionerSysAdmin

View Admin UI

X

Edit Settings in Admin UI

X

About the Project Manager Role

When Project Managers are members of organizations, their role grants them owner-level access to all projects that are owned by other members of the organizations. This allows the Project Manager to see these projects and their assets in the Projects Portfolio and Assets Portfolio.

The Project Manager might also have the ability to add users to these organizations, thereby gaining contributor access to those users' projects. For this reason, Project Manager must be treated as a highly privileged role, similar to System Administrator.

Domino Data LabKnowledge BaseData Science BlogTraining
Copyright © 2022 Domino Data Lab. All rights reserved.