Users and Roles

This page covers how to manage users in your Rockset organization.

#New Users

You can add or remove users using the Rockset console under Manage > Users. When a new user is added, Rockset will send them an invite to Rockset Console with a temporary password that they will be required to change on first login.


In Rockset, each user can have one of several roles, which correspond to the following permissions:

ResourceRead OnlyMemberAdministrator
Self's API Keysread+writeread+writeread+write
Others' API Keys--read+write

#Single Sign-On

Google for Work (G Suite) single-sign on is enabled for all accounts. Additional SSO connections such as Okta or OneLogin are available to Enterprise customers. Once you've created your connection, you'll have several additional settings available.

  • SSO-only: This setting allows users to connect to Rockset only from your SSO provider. Other forms of authentication, such as username-password, are disabled. If off, all connections will be allowed. We recommend turning this setting on for maximum security.
  • Autoprovision: This setting tells Rockset to automatically create accounts for new users coming to Rockset from your SSO provider. Most SSO providers provide their own form of access control, so we recommend turning this setting on. If off, you will have to add users in the Rockset UI before they are able to access Rockset.
Join us on Slack!
Building on Rockset? Come chat with us!