Skip to content

Platform administration

Configure shared models, credentials, organizations, users, and signup controls for a self-hosted deployment.

The first person to sign up becomes the platform owner. Use Admin for settings that apply to the entire deployment, including shared models, user accounts, and signup controls.

A fresh install has no platform models. Open Admin → Model Deployments, select Add deployment, and enter:

Model Name: dn/security-model
Provider Model: <provider>/<model-id>
Credential: <saved provider credential>
  • Model Name must start with dn/. Put the provider’s model identifier in Provider Model.
  • Select Test connection and confirm it succeeds before you choose Create deployment.
  • For a model outside the pricing catalog, set Behaves Like to a catalog model or enter both custom input and output prices.

Drag deployments to set their order in model pickers. Changes apply to new sessions within about a minute.

Use Actions → Export deployments to download the current configuration. Exports include model and pricing settings but never API keys.

Use Actions → Import deployments in the destination environment. Review the preview before applying it. Create all as new creates duplicate deployments, so leave it off for normal imports.

Use Actions → Refresh model cost map when a newly released model has no pricing or context window information.

Manage model credentials and catalog entries

Section titled “Manage model credentials and catalog entries”
  • Admin → Credentials adds and rotates shared provider credentials.
  • Admin → Featured Models controls which provider models appear as recommended choices.
  • Admin → Diagnostics shows model-service health and version information.

Use Admin → Organizations to view, create, or delete organizations across the deployment. When creating an organization, set its owner and maximum member count.

Use Settings → General for changes that belong to one organization, such as its display name.

Use Admin → Users to search across the deployment and inspect a user’s account state, organization memberships, and platform role.

From a user detail page, you can:

  • verify an email address
  • grant or revoke platform-admin access
  • delete the account

You cannot change your own platform role or modify a platform owner’s role. Only a platform owner can revoke platform-admin access from another administrator.

Use Admin → Security to:

  • limit signups from one IP address within a 24-hour period
  • block signup traffic from specific CIDR ranges
  • allow or block individual disposable email domains