Platform Authentication and User Roles
Platform Authentication
The Snorkel Flow platform offers two primary methods of authentication that are described below. For details on SSO integration, please visit the links mentioned.
- Basic username and password
- Single Sign-On (SSO)
After initial authentication, the capabilities of each user is defined by the concept of workspaces and the Role-Based Access Controls (RBAC) roles within each workspace.
Basic Authentication
When first installing Snorkel Flow, you will be prompted to create a user, which will inherit the superadmin role. The superadmin role is the most elevated role within Snorkel Flow and is leveraged for administrative tasks within Snorkel Flow and should not be used for day to day activities. Regular operation and use of the platform should be setup to use the appropriate roles described below.
Snorkel Flow User Roles
The table below summarizes Snorkel Flow authorization and capabilities available for each specified role. Each role contains the description, ideal worker and capabilities available in the product for them.
If you do not know what role you belong to, please ask your System Administrator for assistance. They can look up this information in the Admin Settings > User Management tab.
| Role | Description | Ideal Worker | Capabilities |
|---|---|---|---|
| Superadmin/System Admin | Overall manager for the entire instance: control over all workspaces and applications in the instance | IT Manager | Inherits Admin Capabilities and access to all Admin Settings across workspaces: |
- Manage Users
- Create user
- Deactivate user
- Create invite links for account creation
- Manage user’s role in each workspace
- Manage Licenses
- Ability to add and remove Workspaces
- Manage dataset and application limits for each workspace
- SSO/Authentication settings
- Job Management
- Manage DataConnector permissions (new in 2024R1)
| | Admin/Workspace Admin | Full admin control over all app development for a specific workspace. Generally | Principal Data Scientist, Product Manager | Inherits Developer Capabilities and Admin Capabilities for specific workspaces:
- Access to admin capabilities for specific workspaces
- Manager Users and their roles for the workspaces they are admins for
| | Developer | Core persona developing application in Snorkel Flow: uploading data, pre-processing, LF and model development, deployment | Data Scientists | Inherits Reviewer Capabilities and:
- Access to the Development Mode (i.e., DAG + Model Studio)
- Ability to Create Labeling Functions
- Ability to Run models
- Ability to Export and Deploy models
| | Reviewer | Manage all annotators and annotation batches | Subject Matter Expert, Manager | Inherits Annotator Capabilities and:
- Access to Annotation Suite metrics dashboard (e.g., inter-annotator agreement, overall batch progress)
- Assign batches to Annotators
- View annotations from all Annotators
- Add annotations to any batch
| | Annotator | Creator of annotations for batches assigned to them | Subject Matter Expert |
- Access to only the Annotation Mode
- View batches assigned to them and their previous annotations
- Add annotations to their assigned batches
| | All users | Snorkel Flow capabilities for all users that are role agnostic | All users |
- Access Notebooks under their individual account
- Access MinIO with credentials
- Create Applications
- Upload data
|