omni-adminpar exploreomni
Administer an Omni Analytics instance — manage connections, users, groups, user attributes, permissions, schedules, and schema refreshes via the Omni CLI. Use…
npx skills add https://github.com/exploreomni/omni-agent-skills --skill omni-adminOmni Admin
Manage your Omni instance — connections, users, groups, user attributes, permissions, schedules, and schema refreshes.
Tip: Most admin endpoints require an Organization API Key (not a Personal Access Token).
Prerequisites
# Verify the Omni CLI is installed — if not, ask the user to install it
# See: https://github.com/exploreomni/cli#readme
command -v omni >/dev/null || echo "ERROR: Omni CLI is not installed."
# Show available profiles and select the appropriate one
omni config show
# If multiple profiles exist, ask the user which to use, then switch:
omni config use <profile-name>
Discovering Commands
omni scim --help # User and group management
omni schedules --help # Schedule operations
omni connections --help # Connection management
omni documents --help # Document permissions
omni folders --help # Folder permissions
Tip: Use
-o jsonto force structured output for programmatic parsing, or-o humanfor readable tables. The default isauto(human in a TTY, JSON when piped).
Connections
# List connections
omni connections list
# Schema refresh schedules
omni connections schedules-list <connectionId>
# Connection environments
omni connections connection-environments-list
User Management (SCIM 2.0)
# List users
omni scim users-list
# Find by email
omni scim users-list --filter 'userName eq "[email protected]"'
# Create user
omni scim users-create --body '{
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
"userName": "[email protected]",
"displayName": "New User",
"active": true,
"emails": [{ "primary": true, "value": "[email protected]" }]
}'
# Deactivate user
omni scim users-update <userId> --body '{
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
"Operations": [{ "op": "replace", "path": "active", "value": false }]
}'
# Delete user
omni scim users-delete <userId>
Group Management (SCIM 2.0)
# List groups
omni scim groups-list
# Create group
omni scim groups-create --body '{
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
"displayName": "Analytics Team",
"members": [{ "value": "user-uuid-1" }]
}'
# Add members
omni scim groups-update <groupId> --body '{
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
"Operations": [{ "op": "add", "path": "members", "value": [{ "value": "new-user-uuid" }] }]
}'
User Attributes
# List attributes
omni user-attributes list
# Set attribute on user (via SCIM)
omni scim users-update <userId> --body '{
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
"Operations": [{
"op": "replace",
"path": "urn:omni:params:1.0:UserAttribute:region",
"value": "West Coast"
}]
}'
User attributes work with access_filters in topics for row-level security.
Model Roles
# Get/set model roles for a user
omni users get-model-roles <userId>
omni users assign-model-role <userId> --body '{ "modelId": "{modelId}", "role": "VIEWER" }'
# Get/set model roles for a group
omni users user-groups-get-model-roles <groupId>
omni users user-groups-assign-model-role <groupId> --body '{ "modelId": "{modelId}", "role": "VIEWER" }'
Document Permissions
# Get permissions for a user (userId required)
omni documents get-permissions <documentId> --userid <userId>
# Set permissions
omni documents update-permission-settings <documentId> --body '{
"permissions": [
{ "type": "group", "id": "group-uuid", "access": "view" },
{ "type": "user", "id": "user-uuid", "access": "edit" }
]
}'
Folder Permissions
# Get
omni folders get-permissions <folderId>
# Set
omni folders add-permissions <folderId> --body '{
"permissions": [{ "type": "group", "id": "group-uuid", "access": "view" }]
}'
Schedules
# List schedules
omni schedules list
# Create schedule
omni schedules create --body '{
"documentId": "dashboard-identifier",
"frequency": "weekly",
"dayOfWeek": "monday",
"hour": 9,
"timezone": "America/Los_Angeles",
"format": "pdf"
}'
# Manage recipients
omni schedules recipients-get <scheduleId>
omni schedules add-recipients <scheduleId> --body '{ "recipients": [{ "type": "email", "value": "[email protected]" }] }'
Verification After Changes
Admin operations can silently fail or partially apply. Always read back the state after any write to confirm the change took effect.
After User Operations
# After creating or updating a user, verify they exist with correct state
omni scim users-list --filter 'userName eq "[email protected]"'
Check that: active matches what you set, displayName is correct, and the user ID was returned (not an error).
After Group Operations
# After creating a group or modifying members, verify membership
omni scim groups-list
Check that: the group exists with the expected displayName, and members array contains the expected user UUIDs.
After Permission Changes
# After setting document permissions, verify for the target user
omni documents get-permissions <documentId> --userid <userId>
# After setting folder permissions, verify
omni folders get-permissions <folderId>
Check that: the permission access level matches what you set (view, edit), and the target user/group ID is listed.
After User Attribute Changes
# Verify the attribute value was set
omni user-attributes list
If the attribute is used for row-level security (access_filters), test it by running a query as the target user:
omni query run --body '{ "query": { ... }, "userId": "<target-user-uuid>" }'
Verify the results are correctly filtered — the user should only see rows matching their attribute value.
After Schedule Operations
# Verify schedule was created with correct settings
omni schedules list
# Verify recipients were added
omni schedules recipients-get <scheduleId>
Check that: frequency, dayOfWeek, hour, timezone, and format match what you set, and all intended recipients are listed.
Verification Checklist
| Operation | Verify With | What to Check |
|---|---|---|
| Create/update user | omni scim users-list --filter ... | User exists, active status correct |
| Create/update group | omni scim groups-list | Group exists, members list correct |
| Set document permissions | omni documents get-permissions | Access level and target correct |
| Set folder permissions | omni folders get-permissions | Access level and target correct |
| Set user attribute | omni user-attributes list | Attribute value set |
| User attribute + access filter | omni query run with userId | Row-level filtering works |
| Create schedule | omni schedules list | Schedule settings correct |
| Add recipients | omni schedules recipients-get | All recipients listed |
Cache and Validation
# Reset cache policy
omni models cache-reset <modelId> <policyName> --body '{ "resetAt": "2025-01-30T22:30:52.872Z" }'
# Content validator (find broken field references across all dashboards and tiles)
# Useful for blast-radius analysis: remove a field on a branch, then run the
# validator against that branch to see what content would break.
# See the Field Impact Analysis section in omni-model-explorer for the full workflow.
omni models content-validator-get <modelId>
# Run against a specific branch (e.g., after removing a field)
omni models content-validator-get <modelId> --branch-id <branchId>
# Git configuration
omni models git-get <modelId>
Docs Reference
- Connections · Users (SCIM) · Groups (SCIM) · User Attributes · Document Permissions · Folder Permissions · Schedules · Schedule Recipients · Content Validator · API Authentication
Related Skills
- omni-model-builder — edit the model that access controls apply to
- omni-content-explorer — find documents before setting permissions
- omni-content-builder — create dashboards before scheduling delivery
- omni-embed — manage embed users and user attributes for embedded dashboards
Plus de skills de exploreomni
omni-ai-eval
by exploreomni
Evaluate Omni AI query generation accuracy by running test prompts through the Omni CLI, comparing generated query JSON against expected results, and scoring…
omni-ai-optimizer
by exploreomni
Optimize your Omni Analytics model for Blobby, the Omni Agent — configure ai_context, ai_fields, sample_queries, and create AI-specific topic extensions. Use…
omni-content-builder
by exploreomni
Create, update, and manage Omni Analytics documents and dashboards programmatically — document lifecycle, tiles, visualizations, filters, and layouts — using…
omni-content-explorer
by exploreomni
Find, browse, and organize content in Omni Analytics — dashboards, workbooks, folders, and labels — using the Omni CLI. Use this skill whenever someone wants…
omni-embed
by exploreomni
Embed Omni Analytics dashboards in external applications — URL signing, custom themes, iframe events, entity workspaces, and permission-aware content — using…
omni-model-builder
by exploreomni
Create and edit Omni Analytics semantic model definitions — views, topics, dimensions, measures, relationships, and query views — using YAML through the Omni…
omni-model-explorer
by exploreomni
Discover and inspect Omni Analytics models, topics, views, fields, dimensions, measures, and relationships using the Omni CLI. Use this skill whenever someone…
omni-query
by exploreomni
Run queries against Omni Analytics' semantic layer using the Omni CLI, interpret results, and chain queries for multi-step analysis. Use this skill whenever…