Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Important
Omnigent is in Beta. For the open-source documentation, see the Omnigent documentation.
On Azure Databricks, Omnigent uses your Azure Databricks workspace identity. There's no separate Omnigent login, account, or password to manage. Authentication and single sign-on use your Azure Databricks login, and access is governed by Azure Databricks.
Sign-in
When you open Omnigent from your Azure Databricks workspace, you're authenticated as your workspace user automatically. Every request carries your Azure Databricks identity, and Omnigent attributes your sessions and actions to that identity.
When you register your own machine as an Omnigent host with the CLI, you authenticate to the workspace the same way:
omni login <workspace-url>
This signs in with your Azure Databricks identity so the host you register belongs to you. To register a host, see the Omnigent quickstart.
Access control
Access to Omnigent and to individual sessions is governed by Azure Databricks:
- Who can use Omnigent. A workspace admin enables the Omnigent preview for your workspace. Anyone with workspace access and the preview enabled can use it.
- Session visibility. Each session is private to its owner until shared. Workspace admins do not have blanket access to every session; a session is visible to others only after the owner shares it.
- Identity resolution. Owners, collaborators, and the author of each turn are shown by their workspace email.
Session permissions
When you share a session, you grant one of the following permission levels:
Warning
Grant Edit carefully. An editor can run shell commands and modify files on the host through the agent, including any action available through the Omnigent MCP server. An editor can also view your other session chats.
| Permission | What it allows |
|---|---|
| Read | View and follow along with the session in real time, similar to a viewer on a shared document. A reader cannot send messages or make changes. |
| Edit | Full control of the session: send messages, open shells, edit files in the host file system, and rename the session. |