ai-center
2024.10
true
UiPath logo, featuring letters U and I in white
AI Center User Guide
Automation CloudAutomation SuiteStandalone
Last updated Nov 11, 2024

Project-level access control

Overview

To better protect sensitive business data stored as training or evaluation datasets, you can set up access control based on your roles.

You can set up permissions for both groups or users for the following pages:

  • At tenant level:
    • Project: everyone can access their project, but only users with Read permissions on project-level can view projects they are not part of.
    • Licenses: read-only.
    • Users: roles can be managed from specific page.
    • Roles: you can create roles for users.
  • At project level:
    • Dataset
    • Pipelines
    • Data Labeling
    • ML Packages
    • ML Skills
    • ML Logs (read-only)
    • Settings: user management at project level

Default roles

The following roles and permissions are created by default for AI Center:

  • Administrator: all permissions granted
  • Tenant administrator:
    • Project: create, read, update, and delete
    • Licenses: read-only
    • Users: create, read, update, and delete
    • Roles: create, read, update, and delete
    • Profiles: read-only
  • Project creator:
    • Project: create and update
    • Profile: read-only
  • Data scientist:
    • Dataset: create, read, update, and delete
    • Pipelines: create, read, update, and delete
    • Data Labeling: create, read, update, and delete
    • ML Packages: create, read, update, and delete
    • ML Skills: create, read, update, and delete
    • ML Logs: read-only
  • Project administrator:
    • Dataset: create, read, update, and delete
    • Pipelines: create, read, update, and delete
    • Data Labeling: create, read, update, and delete
    • ML Packages: create, read, update, and delete
    • ML Skills: create, read, update, and delete
    • ML Logs: read-only
    • Settings: create, read, update, and delete
  • All-projects administrator:
    • Project: read
    • Dataset: create, read, update, and delete
    • Pipelines: create, read, update, and delete
    • Data Labeling: create, read, update, and delete
    • ML Packages: create, read, update, and delete
    • ML Skills: create, read, update, and delete
    • ML Logs: read-only
    • Settings: create, read, update, and delete
    Note: The All-Projects administrator role is only available on tenants created starting with April 2024. Users with this role can access all existing projects and have full permissions within these projects.
  • Users manager:
    • Settings: create, read, update, and delete

Default group and role assignments

By default, group and role assignments are assigned when provisioning a tenant and when creating a new project. You can check the default role assignments for the following situations:

  • Automation Suite
  • AI Center on-premises

Automation Suite

The following default groups and roles are assigned when provisioning a tenant:

  • The Administrator group is added to all AI Center tenants with the Tenant Administrator role.
  • The Automation Developer group is added to all AI Center tenants with the Project Creator role.
  • The Automation User group is added to all AI Center tenants with no role.
  • The Everyone group is added with no role.

The following default groups and roles are assigned when creating a new project:

  • The Project Creator is added to the project with the Project Administrator role.
  • The Administrator group is added with the Users Manager role.

    Additionally, if the project creator decided not to restrict user access while creating the project, the Everyone group is added with the Data Scientist role.

AI Center on-premises

The following default groups and roles are assigned when provisioning a tenant:

  • The Administrator group is added to all AI Center tenants with the Tenant Administrator role.
  • All Orchestrator tenant users are added with no role.

    Each time a user is added to the tenant, this should be reflected in the user management page on AI Center.

The following default groups and roles are assigned when creating a new project:

  • The Project Creator is added to the project with the Project Administrator role.
  • The Project Administrator has the option to make this project accessible to everyone with the Project Administrator role, or manuallt set permissions at project level.

Profile page

The profile page displays two tables with permissions information on two levels:

  • Tenant level
  • Project level

The tenant table is static, only displaying permissions at tenant level.

In the project table you can view permissions at project level, choosing the project you are interested in from the drop-down list. You can also search for a project by typing in the drop-down field.



Restricting access to an existing project

To restrict or unrestrict access to an existing project, follow the procedure below.

  1. Log in to UiPath® AI Center.
  2. Click on the three dots button on a project card and choose Edit from the drop-down menu.


  3. In the Edit project page, turn on the Restrict access toggle.


  4. Go to the User Management page in your project.


  5. Click on the three dots button next to a user or a group to edit the user assignment or click Assign to assign a new user with the desired role.
  6. Select the desired role for the user from the drop-down list.


  7. If you want to add a new user or group, click Assign in the User Management page.
  8. To delete a user or a group, click on the three dots button next to a user or a group and select Delete from the drop-down list.


    Note: When deleting a user, only the roles are removed from the list. The username is still displayed in the list, even though it has no roles assigned.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.