Skip to main content
Groups let you assign roles to multiple users at once. Add users to a group, and they automatically inherit all roles assigned to that group.

How to Create a Group

1

Open Groups Page

Go to Access Management → Groups and click Create Group.
2

Enter Group Details

  • Group Key (required): Unique identifier (lowercase, dashes allowed). Cannot be changed later.
  • Display Name (required): Friendly name shown in the UI.
  • Description (optional): Explain the group’s purpose.
3

Assign Initial Roles (Optional)

Select roles that all group members should have. You can modify this later.
4

Save

Click Create Group. You can now add members.

How to Assign Roles to a Group

1

Open Group

Go to Access Management → Groups and click on the group.
2

Go to Roles Tab

Click the Roles tab.
3

Select Roles

Check the roles you want to assign. All group members will inherit these roles.
4

Save

Click Save Changes. Permissions take effect immediately for all members.
When you add or remove roles from a group, all members’ permissions update immediately.

How to Add Members to a Group

1

Open Group

Go to Access Management → Groups and click on the group.
2

Go to Members Tab

Click the Members tab, then click Add Member.
3

Select User

Search for a user by name or email and select them.
4

Confirm

Click Add Member. The user immediately gains all roles assigned to the group.
You can also manage group memberships from a user’s profile page (Groups tab).

How to Remove Members from a Group

On the group’s Members tab, click the remove icon on the member’s card.
Removing a member immediately revokes all permissions they inherited from this group.

How to Delete a Group

1

Open Group

Go to Access Management → Groups and click on the group.
2

Delete

Scroll to the Danger Zone section and click Delete.
3

Confirm

Confirm the deletion. This action cannot be undone.
Deleting a group removes all members and revokes any permissions they inherited solely from this group.

Troubleshooting

  1. Check if the user is in the group (Members tab)
  2. Check if the group has the correct roles (Roles tab)
  3. Verify those roles include the required permissions
  • User must be a member of your organization first (invite them)
  • User may already be in the group
Keys must be unique. Try: dev-team-2, frontend-devs, k8s-admins

FAQ

Roles define permissions (what you can do). Groups organize users and assign roles collectively (who you are).
Yes. Permissions from all groups are combined with any direct role assignments.
No. The key is permanent. You can change the display name anytime.
All members immediately lose that role’s permissions (unless they have it from another source).
All members are removed and lose permissions inherited from that group. Other permissions remain intact.