Model access for individual users

[mrh-chain]

I'm trying to migrate away from a setup that is a 1:1 mapping of virtual keys:actual users. Instead I'd like to leverage internal users, allowing them to create their own keys.

After creating an internal user via the UI, I noticed that there's no way to specify what models they have access to. They just have access to "no-default-models", which equals no models.

Trying then to add "all-proxy-models" to the "models" attribute via the API (can't via the UI apparently), I am now seeing all the available models and I then proceed to create a virtual key as that user.

However, when trying to use the key with the "Test Key" functionality of the UI, I am given this error:
Error occurred while generating model response. Please try again. Error: Error: 401 User not allowed to access model. No default model access, only team models allowed. Tried to access claude-3.7-sonnet

I've then tried to have the user create a token for a team, but that can apparently only be done if the user is a team admin. For this use-case, the user shouldn't be a team admin.

Any advise on how to do this? My end-goal is to have users of this platform be able to use the models that is made available to them (either available to the entire platform, or to their team - I don't really mind either) and to create keys they can use without having to be admins.

[mrh-chain]

One solution I was able to find is to ensure that the user does not have "no-default-model" in their models list. Apparently, having that in there, even if also having "all-proxy-models" in there breaks model access.

[krrishdholakia]

that there's no way to specify what models they have access to.

This is incorrect. You can specify the models they have access to on the UI + API.

UI: Under 'Personal Key Creation'

API: models parameter

---

no-default-models is a special string, and if it exists the entity (user/team/key) cannot call any models