Chapter 1. User types and permissions

Red Hat OpenShift Data Science uses different user groups to control the permissions available to each user.

Red Hat OpenShift Data Science contains the following user types:

Table 1.1. User types and permissions

User TypeDefault User GroupPermissions

Data scientists


Data scientists can access and use individual components of Red Hat OpenShift Data Science, such as JupyterHub.

IT operations administrators


In addition to the actions permitted to a data scientist, IT operations administrators can:

  • Configure Red Hat OpenShift Data Science settings.
  • Access and manage notebook servers in the JupyterHub administration interface.

Although users of OpenShift Data Science and its components are authenticated through OpenShift, session management is separate from authentication. This means that logging out of OpenShift Dedicated or OpenShift Data Science does not affect a logged in JupyterHub session running on those platforms. This means that when a user’s permissions change, that user must log out of all current sessions in order for the changes to take effect.


The user groups configured in OpenShift Dedicated, cluster-admins and dedicated-admins, are separate to the OpenShift Data Science user groups.

There are some operations relevant to OpenShift Data Science that require the cluster-admins or dedicated-admins role. Those operations include:

  • Adding users to the rhods-users and rhods-admins groups.
  • Removing users from the rhods-users and rhods-admins groups.
  • Managing custom environment and storage configuration for users in OpenShift Dedicated, such as Jupyter notebook resources, ConfigMaps, and persistent volume claims (PVCs).