Managing Users

Each individual in your organization who works with TripleBlind should have their own account. This provides the strongest security guarantees with precise permissions, and produces the most accurate audit logs.

User management is available by clicking on the organization name in the lower-left corner, then visiting the Users tab. The Owner account and individuals with User > Manage permission are able to invite others to the organization and set their permissions. The recommended approach to permissions is to grant the minimum needed for each individual to do their job. Additional permissions can easily be granted later.

Adding Users

To add a new account, click “Invite New Users” and enter the new user’s email address. The user will receive an email inviting them to sign up and create a password. Administrators can also grant the appropriate permissions for the user at invitation time. Users invited by non-administrators will need to have permissions granted after they have created their account before they can do anything.

Setting Permissions

Each user must be granted one or more permissions in order to perform tasks on behalf of the Organization, either within the web interface or when running scripts. By default, users have no permissions when first created, so an Administrator will have to grant appropriate permissions after creating the account.

User Permissions

The Manage permission allows a user to manage the permissions for other users, the Invite permission allows a user to invite new users to the Organization, and the Remove permission allows a user to remove users from the Organization.

Algorithm Asset Permissions

The Grant Access permission allows a user to respond to a 3rd party’s request to run an algorithm that is owned by your Organization. Any user within your Organization may position an algorithm or model on the Access Point, but only users with the Publish permission are permitted to make it discoverable to other Organizations. Retrieve Asset allows a user to download a copy of a model or other algorithm that was previously Positioned on your access point, and Retrieve Result allows a user to download the output of an operation (e.g. a network trained using Blind Learning).

Dataset Asset Permissions

The Grant Access permission allows a user to respond to a 3rd party’s request to use a dataset that is owned by your Organization. Any user within your Organization may position a dataset on the Access Point, but only users with the Publish permission are permitted to make it discoverable to other Organizations. Retrieve Asset allows a user to download a copy of data that was previously Positioned on your access point, and Retrieve Result allows a user to download the output of an operation (e.g. results from a Blind Join).

Asset Permissions

The Manage Details permission allows a user to make changes to a previously positioned asset, such as archiving (deleting) the asset, changing the asset name, description or modifying the Mock Data. The Delete permission allows a user to remove an asset from the listing of available datasets or algorithms.

Agreement Permissions

The Manage permission allows a user to set up and manage Agreements with other Organizations.

Process Permissions

The Create permission allows a user to create processes that run on the system, such as model training or a Blind Join. To cancel or kill active processes for their team, users must be granted the Manage permission. Users with this permission can also see all active processes for their team in the SDK or GUI.