habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9a89a5f94bc2199474592e5583e08a5e8d24ef74
authentik/website/docs/users-sources/groups/manage_groups.md
Tana M Berry 9a89a5f94b website: latest migration to new structure (#11522) 
* first pass

* dependency shenanigans

* move blueprints

* few broken links

* change config the throw errors

* internal file edits

* fighting links

* remove sidebarDev

* fix subdomain

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix relative URL

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix mismatched package versions

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix api reference build

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* test tweak

* links hell

* more links hell

* links hell2

* yep last of the links

* last broken link fixed

* re-add cves

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add devdocs redirects

* add dir

* tweak netlify.toml

* move latest 2 CVES into dir

* fix links to moved cves

* typoed title fix

* fix link

* remove banner

* remove committed api docs

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* integrations: remove version dropdown

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Update Makefile

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* change doc links in web as well

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix some more docs paths

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* fix more docs paths

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* ci: require ci-web.build for merging

Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>

* Revert "ci: require ci-web.build for merging"

This reverts commit b99a4842a9.

* remove sluf for Application

* put slug back in

* minor fix to trigger deploy

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
Co-authored-by: Tana M Berry <tana@goauthentik.com>
Co-authored-by: Jens Langhammer <jens@goauthentik.io>
Co-authored-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2024-10-08 14:07:19 -05:00

2.7 KiB
Raw Blame History

title, description
title description
Manage groups Learn how to work with groups in authentik.

A group is a collection of users. Refer to the following sections to learn how to create and manage groups, assign users and roles to groups, and how permissions work on a group level.

Create a group

To create a new group, follow these steps:

  1. In the Admin interface, navigate to Directory > Groups.
  2. Click Create at the top of the Groups page.
  3. In the Create modal, define the following:
    • Name of the group
    • Whether or not users in that group will all be super-users (means anyone in that group has all permissions on everything)
    • The Parent group
    • Select Roles to apply to this group
    • Any custom attributes
  4. Click Create.

:::info To create a super-user, you need to add the user to a group that has super-user permissions. All members of that group are super-users. :::

Modify a group

To edit the group's name, parent group, whether or not the group is for superusers, associated roles, and any custom attributes, click the Edit icon beside the role's name. Make the changes, and then click Update.

To add or remove users from the group, or to manage permissions assigned to the group, click on the name of the group to go to the group's detail page.

For more information about permissions, refer to "Assign or remove permissions for a specific group".

Delete a group

To delete a group, follow these steps:

  1. In the Admin interface, navigate to Directory > Groups.
  2. Select the checkbox beside the name of the group that you want to delete.
  3. Click Delete.

Assign a role to a group

You can assign a role to a group, and then all users in the group inherit the permissions assigned to that role. For instructions and more information, see "Assign a role to a group".

Delegating group member management authentik 2024.4+

To give a specific Role or User the ability to manage group members, the following permissions need to be granted on the matching Group object:

  • Can view group
  • Can add user to group
  • Can remove user from group
  • Can access admin interface (for managing a group's user within the authentik Admin interface)

In addition, the permission "Can view User" needs to be assigned, either globally or on specific users that should be manageable.

These permissions can be assigned to a Role or directly to a User.