Manage access¶
To manage access to DataRobot, you may need to:
- Manage your DataRobot license.
- Configure SSO SAML for users.
Manage licenses¶
Availability information
This feature is only available on the Self-Managed AI Platform.
Required permission: Enable Application Management
A valid, unexpired DataRobot license is required for model building. Use the License page to apply a new license key to the deployed cluster when the current license is expiring or close to expiring. Contact Support to obtain a new DataRobot license key, when required.
The application banner shows messages, visible to all users, when:
- The current license is expiring within 30 days (by default); users can click the banner to snooze for four days at a time.
- The license has expired.
If your license expires before applying the new license, users continue to have access to DataRobot and can make predictions using existing models. They cannot build new models or new insights or generate Compliance Documentation; existing elements are still available in the UI, however. If model building (EDA2) is running for a project when the license expires, the current round finishes.
When you apply the new license, existing projects resume and users can again create new models and use all features.
Apply a new license¶
Note
If you do not already have the new license key, you must first request it from Support.
Once you have the license:
-
Expand the profile icon located in the upper right and click License. The page shows license details, including expiration date, concurrent workers limit, maximum active users, prepaid deployment limit, maximum deployment limit, and in some instances, subscription features:
-
Copy the license key you receive from Support, paste it to the License Key field, and click Validate.
-
Review the details associated with the provided license key and, if correct, click Submit.
When successful, a message in the application banner shows the license is valid, and the tooltip shows the new license expiration date. It may take a few moments for the license change to take effect across your deployed cluster.
Note
The details shown for a specific license are based on your subscription. For more information on license details, contact Support.
Configure SSO SAML¶
Note
Required cluster configuration: "Enable SAML SSO configuration management"
Warning
SSO SAML will be deprecated in an upcoming release. You must configure Enhanced SAML Single Sign-on before DataRobot 7.1. If you need help configuring Enhanced SAML SSO, contact your DataRobot representative.
DataRobot can use external services (Identity Providers, or IdP) for user authentication through Single Sign-On (SSO) technology. DataRobot supports SSO using the SAML (Security Assertion Markup Language) standard protocol. When users log in to a DataRobot cluster configured for SSO, they click a Single Sign-On button which redirects them to the IdP's authentication page. After signing in successfully, users are then redirected to DataRobot.
If supported, configure the identity provider integration settings as follows.
-
Click the profile icon in the top right corner and select APP ADMIN > Manage Users from the dropdown menu.
-
Click Manage SSO and configure the SSO settings described in the table below. When finished, click Create.
Field | Description |
---|---|
Entity Id | Unique identifier. Provided by Identity Provider |
IdP Metadata URL | Link to XML document with integration specific information |
Single Sign-On URL | DataRobot URL to redirect user after successful authentication on Identity Provider’s side |
Single Sign-Out URL | DataRobot URL to redirect user after sign out on Identity Provider’s side |
Verify IdP Metadata HTTPS Certificate | If selected, the public certificate of the Identity Provider is required |
User Session Length (sec) | Session cookie expiration time. Default is one month. |
SP Initiated Method | SAML method used to start authentication negotiation |
IdP Initiated Method | SAML method used to move user to DataRobot after successful authentication |
Identity Provider Metadata | XML document with integration specific information (needed if the Identity Provider doesn't provide IdP Metadata URL) |