[abdullahkhalids]

Lots of these have popped up in the past year. I have a simple question from all of them.

Can this do authentication naively? Meaning, there is some simple code needed to ensure that every logged in user sees exactly the stuff they should, and non-logged in users see nothing.

[Terretta]

It's more than a little confusing to me the relationship or dependencies between h2o.ai, h2o-ai-cloud, and this Wave tooling.

With that huge caveat, insofar as Wave for "Enterprise" seems to run on H2O AI Hybrid Cloud (though H2O.ai suggests an intent to run on-prem or air-gapped), the `h2o-ai-cloud` seems to handle authentication and authorization using an OpenID Connect (OIDC) provider like Keycloak, which should let you integrate with other services like SAML and LDAP.

User roles look tied to OIDC access token claims, and what a user can see or do depends on their role, so in theory, they should only have access to what's appropriate.

There are also some options for more granular control through IAM-like policies, but it looks like these are still in beta.

Overall, it looks at the very least that enabling authentication and access authorization is not just an afterthought, assuming it's all set up right.

https://h2oai.github.io/h2o-ai-cloud/adminguide/authorizatio...

[anakaine]

Some do, some dont, and many don't care for that as a feature since they're open source single dev efforts that are not looking to monetise.