Skill

omni-admin

Administer an Omni Analytics instance — manage connections, users, groups, user attributes, permissions, schedules, and schema refreshes via the Omni CLI. Use this skill whenever someone wants to manage users or groups, set up permissions on a dashboard or folder, configure user attributes, create or modify schedules, manage database connections, refresh a schema, set up access controls, provision users, or any variant of "add a user", "give access to", "set up permissions", "who has access", "configure connection", "refresh the schema", or "schedule a delivery".

npx claudepluginhub exploreomni/omni-agent-skills --plugin omni-integrations

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Manage your Omni instance — connections, users, groups, user attributes, permissions, schedules, and schema refreshes.

Supporting Assets

evals/evals.json

SKILL.md

Similar Skills

omni-admin

Administers Omni Analytics via REST API: manage connections, users, groups, permissions, schedules, schema refreshes. Use for provisioning users, setting access controls, or configuring connections.

omni-analytics

looker-dev

Creates git branches, project directories, LookML files, and boilerplate views from database tables in Looker projects. Requires dev mode.

20 files

looker

model-exploration

Use when exploring Honeydew semantic layer, discovering entities/fields, setting up workspace and branch context, or querying data. For creating metrics use metric-creation skill. For creating attributes use attribute-creation skill.

honeydew-ai

Stats

Stars13

Forks0

Last CommitApr 23, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Omni Admin

Manage your Omni instance — connections, users, groups, user attributes, permissions, schedules, and schema refreshes.

Tip: Most admin endpoints require an Organization API Key (not a Personal Access Token).

Prerequisites

# Verify the Omni CLI is installed — if not, ask the user to install it
# See: https://github.com/exploreomni/cli#readme
command -v omni >/dev/null || echo "ERROR: Omni CLI is not installed."

# Show available profiles and select the appropriate one
omni config show
# If multiple profiles exist, ask the user which to use, then switch:
omni config use <profile-name>

Discovering Commands

omni scim --help             # User and group management
omni schedules --help        # Schedule operations
omni connections --help      # Connection management
omni documents --help        # Document permissions
omni folders --help          # Folder permissions

Tip: Use -o json to force structured output for programmatic parsing, or -o human for readable tables. The default is auto (human in a TTY, JSON when piped).

Connections

# List connections
omni connections list

# Schema refresh schedules
omni connections schedules-list <connectionId>

# Connection environments
omni connections connection-environments-list

User Management (SCIM 2.0)

# List users
omni scim users-list

# Find by email
omni scim users-list --filter 'userName eq "user@company.com"'

# Create user
omni scim users-create --body '{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
  "userName": "newuser@company.com",
  "displayName": "New User",
  "active": true,
  "emails": [{ "primary": true, "value": "newuser@company.com" }]
}'

# Deactivate user
omni scim users-update <userId> --body '{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
  "Operations": [{ "op": "replace", "path": "active", "value": false }]
}'

# Delete user
omni scim users-delete <userId>

Group Management (SCIM 2.0)

# List groups
omni scim groups-list

# Create group
omni scim groups-create --body '{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
  "displayName": "Analytics Team",
  "members": [{ "value": "user-uuid-1" }]
}'

# Add members
omni scim groups-update <groupId> --body '{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
  "Operations": [{ "op": "add", "path": "members", "value": [{ "value": "new-user-uuid" }] }]
}'

User Attributes

# List attributes
omni user-attributes list

# Set attribute on user (via SCIM)
omni scim users-update <userId> --body '{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
  "Operations": [{
    "op": "replace",
    "path": "urn:omni:params:1.0:UserAttribute:region",
    "value": "West Coast"
  }]
}'

User attributes work with access_filters in topics for row-level security.

Model Roles

# Get/set model roles for a user
omni users get-model-roles <userId>

omni users assign-model-role <userId> --body '{ "modelId": "{modelId}", "role": "VIEWER" }'

# Get/set model roles for a group
omni users user-groups-get-model-roles <groupId>

omni users user-groups-assign-model-role <groupId> --body '{ "modelId": "{modelId}", "role": "VIEWER" }'

Document Permissions

# Get permissions for a user (userId required)
omni documents get-permissions <documentId> --userid <userId>

# Set permissions
omni documents update-permission-settings <documentId> --body '{
  "permissions": [
    { "type": "group", "id": "group-uuid", "access": "view" },
    { "type": "user", "id": "user-uuid", "access": "edit" }
  ]
}'

Folder Permissions

# Get
omni folders get-permissions <folderId>

# Set
omni folders add-permissions <folderId> --body '{
  "permissions": [{ "type": "group", "id": "group-uuid", "access": "view" }]
}'

Schedules

# List schedules
omni schedules list

# Create schedule
omni schedules create --body '{
  "documentId": "dashboard-identifier",
  "frequency": "weekly",
  "dayOfWeek": "monday",
  "hour": 9,
  "timezone": "America/Los_Angeles",
  "format": "pdf"
}'

# Manage recipients
omni schedules recipients-get <scheduleId>

omni schedules add-recipients <scheduleId> --body '{ "recipients": [{ "type": "email", "value": "team@company.com" }] }'

Verification After Changes

Admin operations can silently fail or partially apply. Always read back the state after any write to confirm the change took effect.

After User Operations

# After creating or updating a user, verify they exist with correct state
omni scim users-list --filter 'userName eq "newuser@company.com"'

Check that: active matches what you set, displayName is correct, and the user ID was returned (not an error).

After Group Operations

# After creating a group or modifying members, verify membership
omni scim groups-list

Check that: the group exists with the expected displayName, and members array contains the expected user UUIDs.

After Permission Changes

# After setting document permissions, verify for the target user
omni documents get-permissions <documentId> --userid <userId>

# After setting folder permissions, verify
omni folders get-permissions <folderId>

Check that: the permission access level matches what you set (view, edit), and the target user/group ID is listed.

After User Attribute Changes

# Verify the attribute value was set
omni user-attributes list

If the attribute is used for row-level security (access_filters), test it by running a query as the target user:

omni query run --body '{ "query": { ... }, "userId": "<target-user-uuid>" }'

Verify the results are correctly filtered — the user should only see rows matching their attribute value.

After Schedule Operations

# Verify schedule was created with correct settings
omni schedules list

# Verify recipients were added
omni schedules recipients-get <scheduleId>

Check that: frequency, dayOfWeek, hour, timezone, and format match what you set, and all intended recipients are listed.

Verification Checklist

Operation	Verify With	What to Check
Create/update user	`omni scim users-list --filter ...`	User exists, `active` status correct
Create/update group	`omni scim groups-list`	Group exists, members list correct
Set document permissions	`omni documents get-permissions`	Access level and target correct
Set folder permissions	`omni folders get-permissions`	Access level and target correct
Set user attribute	`omni user-attributes list`	Attribute value set
User attribute + access filter	`omni query run` with `userId`	Row-level filtering works
Create schedule	`omni schedules list`	Schedule settings correct
Add recipients	`omni schedules recipients-get`	All recipients listed

Cache and Validation

# Reset cache policy
omni models cache-reset <modelId> <policyName> --body '{ "resetAt": "2025-01-30T22:30:52.872Z" }'

# Content validator (find broken field references across all dashboards and tiles)
# Useful for blast-radius analysis: remove a field on a branch, then run the
# validator against that branch to see what content would break.
# See the Field Impact Analysis section in omni-model-explorer for the full workflow.
omni models content-validator-get <modelId>

# Run against a specific branch (e.g., after removing a field)
omni models content-validator-get <modelId> --branch-id <branchId>

# Git configuration
omni models git-get <modelId>

Docs Reference

Connections · Users (SCIM) · Groups (SCIM) · User Attributes · Document Permissions · Folder Permissions · Schedules · Schedule Recipients · Content Validator · API Authentication

Related Skills

omni-model-builder — edit the model that access controls apply to
omni-content-explorer — find documents before setting permissions
omni-content-builder — create dashboards before scheduling delivery
omni-embed — manage embed users and user attributes for embedded dashboards