Skip to main content
Managing user groups
Updated over 7 months ago

About user groups

User groups are a collection of users that share similar functions or roles in an organization. Groups make it much easier to manage members and their access requirements.

For example, create a group of users who only need access to datasets and projects and another group of users who have access to catalog resources. Any new user who gets added to the organization can then be added to these groups and they automatically get access to the resources that the group is authorized to access.

Important

Note that user groups are not discoverable outside of an organization. When users outside the organizations want to share resources with an organization, they can share the resources with the organization or with specific users in the organization, but they cannot share them with user groups in the organization.

Planning user groups and their access levels

User groups can be assigned access to datasets and projects. This section will help you plan the user groups for your organization.

For access to datasets and projects

  1. Create user groups that have access to all datasets and projects in the organization. This way users in this group automatically get access to any new dataset or project that is added to the organization.

  2. Create user groups and and assign them access to specific datasets and projects in the organization.

  3. Don't add users to any groups and give them direct access to a specific datasets and projects. This is not a recommended approach as it creates a maintenance overhead especially when you are managing large numbers of users and resources. Also, when someone leaves a company, it is much easier to remove the user from the various groups instead of going to each resource and revoking their access.

How do permissions work when users belong to more than one group?

When you belong to multiple groups, we aggregate the permissions and the highest level of permissions are honored.

A few examples to show you how permissions work

Configuration

Results

A user belongs to two groups:

  • Super admins group is given permission to administer users and settings of the organization.

  • All members group is not allowed to do the task.

Users in the Super admin group will be able to do the task as the highest level of access is honored.

A user belongs to two groups:

  • Sale group is set to not have access to the catalog resources.

  • All members group is allowed to view all catalog resources.

Users in the Sales group will still be able to view the catalog resources as the All members group has that permission.

  • User belongs to Marketing group that is set to not have access to Dataset and project in the organization.

  • You give the Marketing group Manage access to a specific dataset directly.

Users in the Marketing group will be able to manage that specific dataset.

Creating user groups

Create new user groups to set up the organization members with different levels of access to the organization resources.

To create new custom user groups:

  1. Browse to the Profile > Members tab > Groups section.

  2. Click the Add group button. The Create a new group window opens.

  3. In the Create a new group window, provide the name of the group and a brief description. Click Create. The user group is added to the list of groups.

Adding and removing members from user groups

Once you have created a user group and decided the level of access they will have, go ahead and add the members to the group.

To add members to a group:

  1. Navigate to the Profile > Members tab > Groups section.

  2. Browse to a group where you want to add members and click the Add member button.

  3. In the Add members to group window, select from the list of members on the organization. Note that you can only add members who are already part of the organization.

To remove members from a group:

When a user is removed from a group, any access granted through the group is revoked. Direct access to resources and access to resources through membership in other groups continues to work as before.

  1. Browse to the group from where you want to remove a member.

  2. From the list of Group members, click the Delete button next to the member you want to remove.

Granting user groups access to specific datasets & projects

To grant access to specific resources from the resources page:

  1. Go to the specific dataset or project in your organization.

  2. From the Access tab, click the Grant access button.

  3. In the Grant access window, search for the user group that should have access to this resource.

  4. Assign one of the following roles/permissions:

    • View: Allow the members in this group to view this resource.

    • Manage: Allow the members of this group to view, edit, delete the resource and to be able give others access to this resource.

  5. Click the Grant access button.

Did this answer your question?