Overview
To access Modzy APIs, you need to have a user. Each user gets a team key assigned when they become a team member. Team keys contain a number of roles each of which contains entitlements that provide authorization to perform different calls to the APIs.
Roles
As prebuilt groups of entitlements, roles are elements that get assigned to API keys to authorize access to different kinds of calls. Modzy has six prebuilt roles, to meet your requirements. There are two types of roles: system
and user
. The system role can only be assigned to project keys while user roles can only be assigned to team keys.
Prebuilt roles
Platform Administrator
Platform Administrators have full control over an installation. including all users and teams.
Identifier | Type | Highlights |
---|---|---|
|
|
|
Team Administrator
Team Administrators have full control over their teams
Identifier | Type | Highlights |
---|---|---|
|
|
|
Data Scientist
Identifier | Type | Highlights |
---|---|---|
|
|
|
Developer
Developers have full access to the API and most ModelOps features. They can integrate Modzy into other applications.
Identifier | Type | Highlights |
---|---|---|
|
|
|
Auditor
Auditors can view all activity across an installation of Modzy. They are for security, oversight, and compliance users.
Identifier | Type | Highlights |
---|---|---|
|
|
|
Project key
This role can be only assigned to project keys. Unlike team keys which are used for prototyping, project keys are linked to projects and used for ongoing API calls to specific models and can be used for the entire job lifecycle.
Identifier | Type | Highlights |
---|---|---|
|
|
|
The team role
Every API key has the TEAM_ROLE
role assigned upon creation. This role provides access to the user profile, to manage own API keys, to switch between different teams, and others.
Entitlements
Entitlements are the roles components. They are the privileges that authorize the usage of private routes.
SCOPE
There are three different types of scopes: ALL
, TEAM
, and OWN
. Entitlements with the ALL
scope provide access to all the data a route can access. Entitlements with the TEAM
scope provide access to a route’s team data. Entitlements with the OWN
scope provide access to a route’s data related to the requestor’s API Keys.
Platform Administrators have most entitlements set with the ALL
scope. Team Administrators have most entitlements set with the TEAM scope. Data Scientists and Developers have most entitlements set with the OWN
scope. Auditors mostly have the ALL
scope but are limited to view-only entitlements. Users with multiple API keys with different roles always access the wider scope.