🤗 UI - Self-Serve
Allow users to create their own keys on Proxy UI.
- Add user with permissions to a team on proxy
- UI
- API
Go to Internal Users
-> +New User
Create a new Internal User on LiteLLM and assign them the role internal_user
.
curl -X POST '<PROXY_BASE_URL>/user/new' \
-H 'Authorization: Bearer <PROXY_MASTER_KEY>' \
-H 'Content-Type: application/json' \
-D '{
"user_email": "krrishdholakia@gmail.com",
"user_role": "internal_user" # 👈 THIS ALLOWS USER TO CREATE/VIEW/DELETE THEIR OWN KEYS + SEE THEIR SPEND
}'
Expected Response
{
"user_id": "e9d45c7c-b20b-4ff8-ae76-3f479a7b1d7d", 👈 USE IN STEP 2
"user_email": "<YOUR_USERS_EMAIL>",
"user_role": "internal_user",
...
}
Here's the available UI roles for a LiteLLM Internal User:
Admin Roles:
proxy_admin
: admin over the platformproxy_admin_viewer
: can login, view all keys, view all spend. Cannot create/delete keys, add new users.
Internal User Roles:
internal_user
: can login, view/create/delete their own keys, view their spend. Cannot add new users.internal_user_viewer
: can login, view their own keys, view their own spend. Cannot create/delete keys, add new users.
- Share invitation link with user
- UI
- API
Copy the invitation link with the user
curl -X POST '<PROXY_BASE_URL>/invitation/new' \
-H 'Authorization: Bearer <PROXY_MASTER_KEY>' \
-H 'Content-Type: application/json' \
-D '{
"user_id": "e9d45c7c-b20b..." # 👈 USER ID FROM STEP 1
}'
Expected Response
{
"id": "a2f0918f-43b0-4770-a664-96ddd192966e",
"user_id": "e9d45c7c-b20b..",
"is_accepted": false,
"accepted_at": null,
"expires_at": "2024-06-13T00:02:16.454000Z", # 👈 VALID FOR 7d
"created_at": "2024-06-06T00:02:16.454000Z",
"created_by": "116544810872468347480",
"updated_at": "2024-06-06T00:02:16.454000Z",
"updated_by": "116544810872468347480"
}
Invitation Link:
http://0.0.0.0:4000/ui/onboarding?id=a2f0918f-43b0-4770-a664-96ddd192966e
# <YOUR_PROXY_BASE_URL>/ui/onboarding?id=<id>
Use Email Notifications to email users onboarding links
- User logs in via email + password auth
LiteLLM Enterprise: Enable SSO login
- User can now create their own keys
Allow users to View Usage, Caching Analytics
- Go to Internal Users -> +Invite User
Set their role to Admin Viewer
- this means they can only view usage, caching analytics
- Share invitation link with user
- User logs in via email + password auth
- User can now view Usage, Caching Analytics
Available Roles
Here's the available UI roles for a LiteLLM Internal User:
Admin Roles:
proxy_admin
: admin over the platformproxy_admin_viewer
: can login, view all keys, view all spend. Cannot create/delete keys, add new users.
Internal User Roles:
internal_user
: can login, view/create/delete their own keys, view their spend. Cannot add new users.internal_user_viewer
: can login, view their own keys, view their own spend. Cannot create/delete keys, add new users.
Advanced
Setting custom logout URLs
Set PROXY_LOGOUT_URL
in your .env if you want users to get redirected to a specific URL when they click logout
export PROXY_LOGOUT_URL="https://www.google.com"
Set max budget for internal users
Automatically apply budget per internal user when they sign up
litellm_settings:
max_internal_user_budget: 10
internal_user_budget_duration: "1mo" # reset every month
This sets a max budget of $10 USD for internal users when they sign up.
This budget only applies to personal keys created by that user - seen under Default Team
on the UI.
This budget does not apply to keys created under non-default teams.