Skip to main content
Configure roles, permissions, and teams to control what users can do in your Adaptive deployment.
  • Permissions grant ability to perform actions (e.g., project:adapt allows fine-tuning)
  • Roles are named sets of permissions, assignable to users
  • Teams are groups with shared access to projects and resources
Users can belong to multiple teams with different roles in each.

Common operations

# Create a user
adaptive.users.create(
    email="user@example.com",
    name="John Doe",
    teams_with_role=[("customer-support-team", "admin")]
)

# Add user to team
adaptive.users.add_to_team(
    email="user@example.com",
    team="customer-support-team",
    role="admin"
)

# Remove user from team
adaptive.users.remove_from_team(
    email="user@example.com",
    team="customer-support-team"
)

# Share project with team
adaptive.projects.share(
    project="project-to-share",
    team="customer-support-team",
    role="admin",
    is_owner=False
)

# Create a team
adaptive.teams.create(
    key="customer-support-team",
    name="Customer Support Team",
)

# Create a custom role
adaptive.roles.create(
    key="new-role",
    permissions=["project:read", "project:create"]
)

Admin team

The reserved admin team controls global operations. Members with admin or platform_admin role can:
  • Create new roles and teams
  • Add/remove users from any team
Configure seed admins in values.yaml: 
auth:
  default_role: admin  # admin, platform_admin, power_user, read-only, inference, annotator
  default_team: default
  admins: []  # Email addresses for initial admins

Default roles

RoleKeyDescription
AdminadminAll permissions. Can create teams/roles only if in admin team.
Platform Adminplatform-adminManages roles, teams, and users. Requires admin team membership.
Power Userpower_userFull project management, training, evaluation, model deployment.
Read Onlyread-onlyView project details only.
InferenceinferenceInteract with models attached to team projects.
AnnotatorannotatorInteract with models and add feedback.

All permissions

Admin

PermissionScope
admin:manage_rolesList roles (any team), create roles (admin team)
admin:manage_teamsList teams (any team), create teams (admin team)
admin:manage_usersList/update users in same team, global update (admin team)

Project

PermissionScope
project:readView project details
project:createCreate projects
project:updateUpdate project details
project:manage_modelsAttach/detach models
project:adaptTrain models
project:evaluateEvaluate models
project:interactChat with models
project:add_feedbackAdd interaction feedback
project:read_interactionsView logged interactions
project:update_interactionsUpdate interaction metadata
project:delete_interactionsDelete logged interactions
project:shareShare with another team (requires both team memberships)
project:judge_*Manage judges (create, read, update, delete)
project:grader_*Manage graders (create, read, update, delete)
project:tool_provider_*Manage tool providers
project:job_*Manage jobs (create, read, cancel)
project:custom_script_*Manage custom scripts
project:metric_*Manage metrics (create, read, update, delete)

Resources

PermissionScope
dataset:createCreate datasets
metric:createCreate feedback keys
model:manage_modelsDeploy/terminate models globally (admin team)
team:manageUpdate users in same team

Integrations

PermissionScope
integration:readView integrations
integration:createCreate integrations
integration:updateUpdate integrations
integration:deleteDelete integrations

Remote environments

PermissionScope
remote_env:readView remote environments
remote_env:createCreate remote environments
remote_env:updateUpdate remote environments
remote_env:deleteDelete remote environments