Manage groups

In Identity as a Service (IDaaS), you can add accounts to a group to manage the permissions of the accounts in a centralized manner. Administrators can add accounts of the same position or role to a group and grant access permissions on an application to the accounts in the group. For example, administrators can grant the access permissions on the sales management system to sales staff in a group. In IDaaS, a group is parallel to an account and an organization. A group does not belong to an organization node. Administrators can add an account of a random organization node to a group.

On the Group page, administrators can perform the following basic group management operations.

• Create or modify a group.

• Manage members.

• Delete a group.

Create a group

Administrators can specify a group name to create a group.

Manage members

After you create a group, you can add members to the group. On the Group page, find the group that you want to manage and click Manage Members in the Actions column. The group management page appears.

Click Add Member. In the Add Group Member dialog box, search for the account that you want to add to the group.

Click Save.

Grant access permissions on an application by group

This section describes how to grant the access permissions on an application to accounts in a group as an administrator.

On the Applications page, click the application that you want to access. On the page that appears, click the Sign-In tab and click the Authorize tab. Then, click Authorize. In the Authorize dialog box, click the Group tab. Search for the group to which you want to grant the access permissions on the application. Then, click Confirm.

The members in the group can access the application.

Delete a group

Administrators can delete a group. After a group is deleted, IDaaS removes all members from the group, and permissions are revoked from the accounts in the group. However, the accounts are not deleted.