C3 AI Global Glossary
The following terms are defined as they relate to C3 AI Documentation and include links where you can find more information.
Authentication - The process of verifying and validating the identity of a user or entity accessing a computing system really is who they claim to be. Authentication does not determine what tasks a user can do or what resources the user can access. Authentication identifies and verifies who the person or system is. Users can authenticate to the C3 Agentic AI Platform using various mechanisms, such as Security Assertion Markup Language (SAML), OpenID Connect (OiDC), and Open Authorization (OAuth). See Authenticating Users for more information.
Authorization - Granting or denying access to specific resources based on the requesting user's identity. The C3 Agentic AI Platform uses the role-based access control (RBAC) authorization model to restrict access to resources. See Manage Access and Examples of Access Control for more information.
Cluster Management Framework - Describes the logic for how a cluster is managed in the C3 AI ecosystem through the C3 AI Cluster Management Environment. See Manage Cloud Resources for the C3 AI Cluster for more information.
DataPermission Type - An expression that defines a filter on a Permission for data access. See DataPermission for more information.
Data Type - A C3 AI Type available to C3 AI customers that is used in many data operations. See Overview of C3 AI Datasets and Data for more information.
Data science - A multidisciplinary approach to read unstructured data and extract meaningful insights for business. See C3 AI Data Science and Machine Learning Guide for more information.
Datasets - A collection of numbers or values that relate to a particular subject. See Overview of C3 AI Datasets to learn more about how C3 AI uses a data interface called C3 AI Datasets to extend data science and machine learning on the C3 Agentic AI Platform.
Data lake - An open-source storage layer designed to store and process large amounts of data securely. The data in this centralized repository can be structured, semistructured, and unstructured. See Data Integration Overview for more information about data lake and data warehouse technologies to which the C3 Agentic AI Platform integrates.
Feature (ML) - Data that is used as the input for Machine Learning (ML) models to make predictions. See Overview of the C3 AI Feature Store for more information.
Feature Store - A location where an individual or organization manages, stores, and shares features. See Overview of the C3 AI Feature Store to learn more about how C3 AI uses a metadata-driven design to tightly integrate the upstream and downstream steps of a machine learning workflow.
Hardware Profile - Defines what resources are given to an App.NodePool, such as Central Processing Units (CPUs), Graphics Processing Units (GPUs), memory allocation and storage, and networking capacity. See also Use Hardware Profiles and HardwareProfile for more information.
Identity and Access Management (IAM) - A framework of policies and technologies to ensure that users have appropriate access to technology resources. See the C3 AI Security Guide for more information about security in the C3 Agentic AI Platform.
Identity Providers (IdPs) - Entities that manage users, credentials (for example, passwords and keys) and other attributes, such as groups or roles. Usually, all information related to group assignment of users on the C3 Agentic AI Platform would be fetched from the external IdP, but the platform can also have its own internal user management system that allows Users to be added to UserGroups. See the IdentityProvider Type for more information.
Identity Provider (IdP) initiated Single-Sign On (SSO) - A type of SSO where the authentication process is initiated by the IdP, rather than by the service provider (SP). In this case, the user first logs into the IdP and is then redirected to the SP, where they are granted access without having to enter their login credentials again. An example of this would be an employee of a company logging into their company's IdP (for example, Okta) and then being able to access multiple applications like Salesforce, Slack, and NetSuite without having to enter their login credentials again. This is possible because all these applications are integrated with the company's IdP. See the C3 AI Security Guide for information about how security is managed in the C3 Agentic AI Platform.
JupyterLab, C3 AI-managed - An on-demand microservice in the C3 AI cluster that provides data science and machine learning teams the ability to quickly and securely start C3 AI-managed JupyterLab notebooks. These notebooks are hosted on a dedicated compute infrastructure with selectable resource sizing dedicated to the user. Other features of the C3 AI-managed JupyterLab microservice and notebooks are detailed in Configure and Use C3 AI-Managed JupyterLab Notebooks. See the C3 AI Data Science and Machine Learning Guide for more information.
Lightweight Directory Access Protocol (LDAP) - An authentication protocol that helps users find data about organizations, persons, and more. LDAP has two main goals: to store data in the LDAP directory and authenticate users to access the directory. It also provides the communication language that applications require to send and receive information from directory services. A directory service provides access to where information on organizations, individuals, and other data is located within a network. The authentication process is a client-server model of authentication, and it consists of these key elements: Directory System Agent (DSA), Directory User Agent (DUA), Distinguished Name (DN), and Relative Distinguished Name (RDN).
LdapIdp Type - The C3 AI Type that implements the authentication request and login and logout redirect endpoints for the LDAP authentication flow. See LdapIdp for more information.
Machine learning pipeline - A workflow consisting of data transformations and training operations that create a model for understanding data and making predictions. In the C3 Agentic AI Platform, MlPipes are building blocks to define and implement custom pipes in Python using external frameworks. See Model Development Typical Workflow on the C3 Agentic AI Platform for more information.
Model Deployment - The process of making a machine learning or artificial intelligence model available for practical use by integrating it into a production environment. See the Tutorial Model Deployment - Predictive Maintenance for Wind Turbines for a hands-on example of how model deployment works in the C3 Agentic AI Platform.
ModelOps (also known as MLOps) - The practice of operationalizing and managing machine learning models throughout their lifecycle, including deployment, monitoring, and maintenance. See the Model Development on the C3 Agentic AI Platform Overview for more information on how data scientists and application developers train, deploy, and manage the lifecycle of machine learning (ML) models in the C3 Agentic AI Platform.
Model Registry - A centralized repository that manages the versioning, organization, and tracking of machine learning models. See the C3 AI Model Registry Overview for more information on how the C3 Agentic AI Platform provides robust machine learning (ML) deployment and health checks.
OpenID Connect (OIDC) - An authentication layer protocol built on top of the OAuth 2.0 framework. OIDC securely authenticates a user against an IdP and redirects the user to the C3 Agentic AI Platform after the authentication is successful. User credentials are never exposed to C3 Agentic AI Platform. This protocol is mapped to the Oidc Type in the C3 Agentic AI Platform.
OpenID Provider (OIDP) - A service that authenticates users and provides them with an OpenID, which is a unique identifier that can be used to authenticate the user across different websites. An OpenID Provider allows users to use a single set of login credentials (username and password) to access multiple websites without having to create a separate account for each one. An example of an OpenID Provider is Microsoft. When users sign into their Microsoft account, they are given an OpenID that they can use to authenticate themselves on other websites that support OpenID, such as GitHub.com or Confluence. This way, users don't have to create and remember multiple sets of login credentials for different websites, they can just use their Microsoft account. This is because these two are OpenID Providers and have gone through the process of certifying themselves so that other third-party applications can trust their user management.
Role-Based Access Control (RBAC) - An authorization model to restrict access to resources that facilitates security administration and review. It can reduce cybersecurity risk, protect sensitive data, and ensures that users of the platform can only access information and perform actions they need access to, to do their jobs. This is commonly known as the principle of least privilege. See Roles and Permissions for more information about how RBAC is implemented in the C3 Agentic AI Platform.
Security Assertion Markup Language (SAML) - SAML is an open standard for authentication. It is similar to OIDC, which authenticates a user against an IdP and redirects the user to the C3 Agentic AI Platform after the authentication is successful. This protocol is mapped to the Saml Type in the C3 Agentic AI Platform. See Authentication Using SAML for more information on using SAML with the C3 Agentic AI Platform and C3 AI applications.
Security Assertion Markup Language (SAML) Response - A SAML Response is a message that is sent from the IdP to the SP containing authentication and authorization information about a user, in response to a SAML Authentication Request. An example of a SAML Response would be, a user trying to access a service provided by a company (SP) and the company uses an Identity Provider (IdP) for authentication. When the user tries to access the service, the SP sends a SAML Authentication Request to the IdP asking for the user's authentication. If the user is successfully authenticated, the IdP sends a SAML Response to the SP containing information about the user, such as their username, email address and group membership, along with an assertion that the user is authenticated. The SP then uses this information to grant the user access to the service.
VS Code Extension, C3 AI (VSCE) - The C3 AI VSCE is the official VS Code extension for development on the C3 Agentic AI Platform. The extension enhances the application development experience of the C3 Agentic AI Platform by providing C3 AI Type System-specific aid across type files and implementation files. These include code completion, in-text documentation, testing and debugging capabilities, and other developing utilities. See Overview of the C3 AI VS Code Extension for more information.