Skip to main content
Version: v1.6.23 🚧

Roles and Permissions

Overview

The Roles and Permissions page introduces a structured approach to Role-Based Access Control (RBAC), enabling administrators to define and manage user access based on predefined roles. Each role is associated with a set of permissions, ensuring that users can perform only the actions permitted within their assigned roles.

Additionally, the Roles and Permissions page allows administrators to assign system roles (roles) to an IdP role, providing seamless integration with external identity providers. An Identity Provider (IdP) system manages user identities and authentication, allowing organizations to implement Single Sign-On (SSO) and centralized access control across multiple applications. This integration ensures consistent role management and secure user access across all connected services.

note

A set of available permissions corresponds to Jobs; for example, the following two actions referred to Jobs, which in turn are permissions that can be given to a role:

  • Add a Collection
  • Delete a Collection

Access the Roles and Permissions page

To access the Roles and Permissions page, consider the following steps:

  1. In Enterprise h2oGPTe, click Account Circle.
  2. Select Roles and Permissions.

Roles

Create a role

To create a new role, consider the following steps:

  1. In Enterprise h2oGPTe, click Account Circle.
  2. Select Roles and Permissions.
  3. Click + New role.
  4. In the Role name box, enter a name for the new role.
  5. Optional: In the Description box, enter a description for the new role.
  6. In the Permissions section, select the permissions for the new role.
    note

    To learn about the available permissions, see Permissions.

  7. Click + Create.

Create a new role

Update a role

To update a role, consider the following steps:

  1. In Enterprise h2oGPTe, click Account Circle.
  2. Select Roles and Permissions.
  3. In the Roles table, click the role you want to update.
  4. Update the previously defined permissions.
  5. Click Update.

Delete a role

To delete a role, consider the following steps:

  1. In Enterprise h2oGPTe, click Account Circle.
  2. Select Roles and Permissions.
  3. In the Roles table, click the role you want to delete.
  4. Click Delete.
  5. In the Delete role card, click Delete.

Assign a role to a user

To assign a (created) role to a user, consider the following steps:

  1. In Enterprise h2oGPTe, click Account Circle.
  2. Select Roles and Permissions.
  3. In the User Permissions table, locate/search for the user you want to assign a role to.
  4. In the Roles list, select a role.

IdP roles

Assign a role to an IdP role

To assign a (created) role to an IdP role, consider the following steps:

  1. In Enterprise h2oGPTe, click Account Circle.
  2. Select Roles and Permissions.
  3. Click + Add role mapping.
  4. In the IDP Role Name box, enter an IdP role name.
    caution

    Enter a valid existing IdP role name.

  5. In the Optional description box, enter a description for the IdP role.
  6. Click Add.
  7. In the IDP Roles to Internal Roles Mapping table, locate/search for the IdP role you want to assign a role.
  8. In the Roles list, select a role.
    note

    To learn about the available permissions, see Permissions.

Delete an assigned role to an IdP role

To delete an assigned role to an IdP role, consider the following steps:

  1. In Enterprise h2oGPTe, click Account Circle.
  2. Select Roles and Permissions.
  3. In the IDP Roles to Internal Roles Mapping table, click the checkbox of the assigned role to an IdP role you want to delete.
  4. Click Delete.
  5. In the Are you sure? box, click Delete.

Permissions

A role can be assigned one or more of the following permissions:

  • Admin manegement
    • Show admin center
    • Allow device pairing when configured
    • Manage roles
  • Display management
    • Display developer settings
    • Show extractors
    • Show live logs
    • Show models page
    • Display system notifications
    • Show private button
  • Collections management
    • Add collections
    • Delete collections
    • Edit collections
    • Evaluate collections
    • Make collection public
    • Share collections
  • Documents management
    • Add documents
    • Delete documents
  • Chats management
    • Add chats
    • Delete chats
    • Evaluate chats
    • Submit chat feedback
  • Prompt templates management
    • Delete prompt templates
    • Edit prompt templates
    • Share prompt templates
Feedback