Skip to main content
Together’s Identity and Access Management (IAM) model controls how your team collaborates on the platform, and how your workloads are authenticated. It determines who can access what, how credentials are scoped, and how resources are organized.

Core Concepts

Together’s IAM is built around five concepts that work together:
ConceptWhat it is
OrganizationYour company’s account on Together. One org, one bill.
ProjectAn isolated workspace within your Organization. Resources, Collaborators, and API keys are scoped to Projects.
ResourceAnything you create: fine-tuned models, dedicated endpoints, clusters, evaluations, files.
Member / CollaboratorA user with access to your Organization (Member) or Project (Collaborator), assigned either an Admin or Member role.
API KeyA Project-scoped credential for authenticating API requests.

How It All Fits Together

The key principle: Projects are the collaboration boundary. Collaborators get access to a Project, and that gives them access to everything inside it (Clusters, Models, Endpoints, etc.). Access decisions happen at the Project level, not on individual resources.

Resources

A resource is anything you create or provision on Together:
  • Instant Clusters — GPU clusters for training and inference
  • Fine-tuned Models — Models you’ve customized with your data
  • Dedicated Endpoints — Always-on inference endpoints
  • Evaluations — Model evaluation runs
  • Files — Training data, datasets, and other uploads
Resources belong to a Project. Everyone with access to that Project can see and use those resources, subject to their role permissions.

Organization Members and Project Collaborators

Together uses different terminology at each level:
  • Organization Members are users who belong to your Organization. They are invited via email or provisioned through SSO. Each Member is assigned an Admin or Member role at the Organization level.
  • Project Collaborators are users who have been granted access to a specific Project. Collaborators can be Organization Members or External Collaborators who participate in a Project without belonging to the parent Organization.
Each Collaborator is assigned an Admin or Member role at the Project level. For a detailed breakdown of what each role can do, see Roles & Permissions.

Product-Specific Access Guides

Together’s IAM model applies consistently across all products. These guides cover product-specific workflows:

GPU Clusters

Add and remove Collaborators from GPU Cluster Projects, understand in-cluster Kubernetes permissions
Projects and Project-level membership management are in early access. Contact support to enable multi-Project support for your Organization.

Next Steps

Organizations

Set up your Organization and manage membership

Projects

Create workspaces and scope resources

Roles & Permissions

Understand role-based capabilities (RBAC)

API Keys

Create and manage Project-scoped credentials

Single Sign-On

Connect your Identity Provider