Skip to main content

Managing Multiple Bitfount Accounts

You may find yourself using multiple Bitfount accounts on the same machine if you:

  • Are affiliated with multiple institutions/email domains.
  • Maintain accounts with access to different datasets or code.
  • Simply wish to test federated learning and evaluation techniques as if you are multiple users.

There are two important parts that need to be configured correctly when using multiple accounts. First, you will need to specify the user account and second, you will need to ensure that appropriate adjustments are made for your chosen authentication method.

Specifying the username

There are two ways to specify which user account you are using

  • Manually specify a username
  • Leave Bitfount to automatically detect your username from you logging in through a web browser. In this case, the username is stored in your BITFOUNT_HOME folder

When using yaml, the username is specified at the root level of the yaml. For example:

pod_name: census-income
datasource: CSVSource
username = "your-username"
### Input rest of pod configuration

If you are using the python API, you can pass username as a parameter to the Pod constructor, and protocol.run and model.fit methods:

p = Pod(name="census-income", username="your-username")
...
p = FederatedAveraging(...)
p.run(username="your-username", ...)
...
m = PyTorchLogisticRegression(...)
m.fit(username="your-username", ...)

If you want to use your web browser's authentication to specify your username but also want to run multiple accounts simultaneously then you will need to specify different BITFOUNT_HOME configurations for each user. Each separate BITFOUNT_HOME configuration will then have a different default username which is used, without any need for specifying it in YAML or the Python API.

The BITFOUNT_HOME environment variable should point to a path where the default username and tokens can be stored. By default this is set to ~/.bitfount. For example, you could run a Pod via

BITFOUNT_HOME="/file/location_1/.bitfount/" bitfount run_pod /path/to/yaml

Ensuring authentication works

Besides the requirement to specify the username, running multiple accounts on the same machine may require some additional steps depending on the authentication method.

For setting up Pods, we recommend using API keys for authentication, as described in the API key setup documentation.

When running a task as a data scientist, the steps for logging in as the correct user in the correct browser window will depend on the authentication mode:

  • If you are using oidc-device-code authentication (the default) then each time you need to authenticate, Bitfount will attempt to do this through your default browser. If the default browser is logged in with a different account you will need to copy the URL to a separate browser or incognito tab to authenticate.
  • If you are using oidc-auth-code or saml authentication then the flow will only work if you ensure that the browser window opens where you can log in as the desired user. The easiest way of ensuring this is to simply run a jupyter notebook and then open up the notebook in a separate browser or in incognito mode.