User Management
In Rill Cloud, there are three types of users:
- Organizational Users: these users have at least viewer access to all projects within an organization.
- Project Users: these users have at least viewer access to a single Rill project. These users do not need to be part of the organization.
- User group Users: These users are added to your organization and are given permissions via user groups.
Note that the permissions may vary from each level, please review the Roles and Permissions page for more information!
We have begun releasing new features around user managment via Rill Cloud. If you'd like to learn more, please feel free to reach out!
Organization Users
When you invite a user to an organization on Rill Cloud, they automatically get access to all projects in the organization. Users can have one of two roles:
- Viewers can browse projects and view dashboards
- Admins can manage projects by deploying new projects, making changes to existing projects, or deleting deployed projects. They can also manage members of an organization by granting or revoking access to other users.
For a detailed list of permissions, please refer to the Roles and Permissions.
How to add an Organization User
Administrators can be invited to an organization from the users page, or via the CLI.
Administrator adds from Rill Cloud User page
From the organization page, you can manage users under the Users tab. Adding users from this page will add the user to the organization.
Administrator invites user via the CLI
rill user add
? Select role [Use arrows to move, type to filter]
> admin
viewer
You will then be prompted for details about the user.
If you add a user who has not yet signed up for Rill, they will receive an email inviting them to sign up and join.
Administrator adds the user to a user group with organization access
If you have already set up a user group that has access on the organization level, instead of setting up users individually, you can add them to the user group.
rill user add --group <group_with_org_permissions>
? Enter email <email here>
User "<email here>" added to the user group "<group_with_org_permissions>"
![] add image here
Automatically add members by email domain
You can automatically add users to your organization by their email domain. During the deployment process and in the Organization settings page, you can input the domain to whitelist.
For example, if you whitelist yourdomain.com, new and existing users with an email address ending on @yourdomain.com will automatically be added to your organization.
The feature currently requires manual action by a support representative at Rill. Just reach out here and ask us to whitelist your domain.
Project Users
When a user gains access to Rill Cloud via the project invite, they will only be able to view that specific project. Project Users can have two roles:
- Viewers can browse the specific project and view dashboards
- Admins can manage the project by making changes to the project's files, gains access to the Status and Settings page on the project and can invite other admins to the project.
For a detailed list of permissions, please refer to the Roles and Permissions.
How to add a Project User
There are a few ways to add a project user to Rill Cloud.
- Administrator invites user to the project using
Share. - User requests access via the project URL.
https://ui.rilldata.com/<project_name> - Adminstrator invites user via the CLI with
--project <project_name>flag.
Admin invites user from Rill Cloud
From the project's splash screen, please select share and type the email[s] along with the type of permissions.
Once sent, your invited users will receive this email and will need to accept it to view the project.
User requests access via URL
Alternatively, if you provide the project URL to your users, they can request access to the group admin. Users can request access via the page below:
The admin would receive an email to allow access, and can set the permission after accepting the request via the UI.
Administrator invites user via the CLI
To add a member to a project, run the following command:
rill user add --project [PROJECT NAME]
You will then be prompted for details about the user. HINT: Run rill project list to show available projects.
If you add a user who has not yet signed up for Rill, they will receive an email inviting them to join.
Other actions
Run rill user --help to show commands for listing members or changing access.
User Groups
Another way to manage user is via User groups. Users can be added to a group using the following from the Rill CLI. You can define the usergroup to have certain permissions on specific groups.
- Viewers can view the project's dashboards that the user group has gained permissions
- Admins can additionally edit the project, and view and edit project members
For more information on setting up user group permissions.
How to add a user to a Usergroup
There are two ways to add a user to a user group.
- Administrator adds them via Rill Cloud (Coming soon!)
- Administrator adds them via the CLI
Administrator adds from Rill Cloud
Administrator adds from the CLI
rill user add --group <group-name>
You will then be prompted for details on the user.
You will not be asked the permissions when adding to a group as the group defines the user permissions.
If the user you are trying to add is not part of the organization yet, the CLI will prompt you to add them to the organization first then proceed to adding them to a group.
To see the current members of a group:
rill user list --group <group-name>
To find the current user group roles, with project flag if looking for specific project's role:
rill usergroup list <--project my_project_name>
Which privilege wins?
Rill uses a logical OR operand to define the winning privilege. In other words, whichever has the higher privilege will be applied. See below for some example situations that may arise.
| # | Organization | Project (not required) | Group (not required) | Resulting privilege |
|---|---|---|---|---|
| 1 | admin | viewer | --- | admin |
| 2 | viewer | admin | viewer | admin |
| 3 | viewer | --- | viewer | viewer |
| 4 | viewer | viewer | --- | viewer |
Logging into Rill Cloud
In order to access a deployed project and/or view a shared dashboard, users will need to first login to Rill Cloud. When you first navigate to https://ui.rilldata.com/, you will see a few different options to login, including:
- Google SSO
- Microsoft SSO
- Email (basic auth)
Rill Cloud does support SAML authentication for our enterprise customers. If this is a requirement, please get in contact with us and we can discuss appropriate next steps to help you with your setup.
If this is the first time you are accessing Rill Cloud, you will want to sign up instead.
If you are unsure which option to select, select Continue with Email and set up basic authentication (email address / password).
Afterwards, you should receive an email verification to complete the sign up process.
You should now be authenticated with Rill Cloud and be able to sign-in directly going forward!
Reference: Walking through access levels
In the following example, you can see the different levels of access to Rill via the organization, project-specific access, user group and user privileges.
Key things to note
- There are three levels of access: organizations, projects, and groups.
- User groups can only exist within an organization.
- In the case of adding a user who is not part of the organization to a user group, you will prompted to add them first.
- User groups permissions can either be added for the organization as a whole, or specific projects.
rill usergroup create [--project project_name]
- All users added to an organization must have at least
viewerprivilege.- In the above diagram,
User 5is redundant as there's alreadyvieweraccess.
- In the above diagram,