Manage groups


# Manage groups

A group is a collection of users who have the same privileges to access resources in an organization.

One user can be assigned to any number of groups. Applications can get details about groups a user belongs to in the authentication response (e.g., ID token) from Asgardeo as a user attribute.

Administrators and users onboarded from remote user stores cannot be assigned to groups from Asgardeo Console.

For example, you can create the following user groups: Admin, Manager, and Developer. When one user group is granted access to a resource, it applies to all users in the group.

# Onboard a group

There are two ways to onboard a group:

Note that this remote user store connection is read-only, which means you cannot update the groups onboarded from this user store.

  • Administrators can add groups via the Asgardeo console.

Let's look at how administrators can onboard groups from the Asgardeo console (opens new window).

  1. On the Asgardeo console, click Manage > Groups.
  2. Click New Group.
  3. Provide the following details.
    • Group Name: A unique name to identify the group.
    • Add Users: If you already have existing users, you can search and add them. create-new-group-form
  4. Click Finish.

# Assign users to groups

Users can be assigned to groups. Admins can restrict access to resources based on the groups.

To assign users to groups:

  1. On the Asgardeo console, click Manage > Groups.
  2. Select the group to assign the user.
  3. Click Edit and navigate to Users. add-user-to-group-view
  4. Click Assign User.
  5. Select users to add to the group.
  6. Click Save.

# Remove users from groups

Users can be removed from the assigned groups by administrators.

To remove users from groups:

  1. On the Asgardeo console, click Manage > Groups.
  2. Select the group to remove the user.
  3. Click Edit and navigate to Users. remove-user-from-group-view
  4. Click Edit icon.
  5. Clear the checkbox for the user(s) you want to remove.
  6. Click Save.

# Delete a group

An administrator can delete groups via the Asgardeo console (opens new window). To delete a group:

  1. On the Asgardeo console, click Manage > Groups.
  2. Click the trash icon next to the group you wish to delete.
  3. Select the checkbox and confirm your action.

# View remote user store groups

Once you connect a remote user store to Asgardeo, you can view the onboarded groups and the members of the groups. To view the onboarded groups:

  1. On the Asgardeo console, go to Manage > Groups.
  2. Select your user store from the drop-down menu.

These groups are read-only. Administrators can only view the group details and the assigned members.