This article describes the Groups feature that complements the user-centric access policy encouraged by both SSO and our Database authentication. Groups let you assign specific network access rules to your team, usually based on roles, responsibilities, or location.
- Creating a user group
- Editing members in a group
- Managing access for groups
You can use Groups to better control your Network and Zero Trust Application Policies.
Sorting your Members into Groups provides your organization with a significantly reduced attack surface. Least-privilege access policies hinge on the ability to group employees by the resources they need to do their jobs.
Creating a user group
To create a User Group, select the Team tab in the Management Platform.
Select the Groups tab below and select Add Group on the right side of the window.
Editing members in a group
- Once you have created a Group, you can edit members by selecting the three-dotted menu (...) on the right side and choosing Manage Members.
- Select the + sign to list members. Select the team members you want to add to the Group. Please notice that you will see only non-members on the list.
The new members are added to the group.
Managing access for groups
Groups are created to control who can access which location. Select Groups in the left side panel.
Select the three-dotted menu (...) next to the group you’d like to limit or grant access to and select Manage Networks.
- Select or remove the teams as desired for this location.