Groups give you the ability to manage member access to apps, projects, and map layers at a group level. Groups save administrative time and help you ensure your members have access to everything they need and nothing else.
In this article, learn how to:
Create a Group
To create a group:
Select Groups in the side navigation.
Note: you will only have access to Groups if your role includes the Manage Groups permission.
Select Create Group at the top right of the screen.
Provide the group with a Name and Description. Typically this represents a type of work that your organization is currently doing and needs to organize member access around.
Select Add to create the group.
Note: as the creator of the group, you will automatically become the first member of the group.
Add Members, Apps, Projects, and Map Layers to a Group
By adding members, apps, projects, and map layers into a group, the members that are a part of that group will then have access to the other objects in that group.
Note: A member's role permissions are not impacted by their group membership. A member's role permission dictates what actions they can take with the apps, map layers, and projects that they have access to via the group.
To add objects to a group:
Select the group from the groups list.
Select the tab you would like to add to, e.g. if you would like to add apps to your group, select the APPS tab.
Select the ADD option.
In the add modal, you will see objects that you have access to that are not already in the group. From this list, select the objects that you would like to add to the group and then click ADD.
TIP! When adding members to a group, you can search by name, email, or role. To quickly add all the members with the same role to a group, search by the role name, select all, and click add. It's that easy!
Note: The updates are handled via an asynchronous background process so it may take a few minutes (but usually less) for the members to gain access to the objects added to the group.
Removing members from a group also removes their access to its apps, map layers, and projects, even if they had individual access to those items prior to being a part of the group.
This also applies to other scenarios: e.g. if you remove an app from a group, the members within that group will lose access to it even if they had access to it prior to the group's existence.
Of course, if the member is part of another group with those items, they will continue to have access.
Manage Groups Permission
There is a Manage Groups permission that gives a user the ability to manage groups. Manage Groups is included in the Owner and Manager system roles. The Manage Groups permission can also be added to any custom role.
Owners and any other users with Manage Roles permission will be able to view, create, edit, and delete any groups - full control. These users will always have access to all of the groups, apps, map layers, and projects in the organization.
All other users with Manage Groups permission will only be able to see and manage the groups they are in. They will also be able to create groups.
In order to provide a group creator access to the group they have created, we automatically add the group creator to the group.
The group creator is allowed to remove themselves from the group. However, the group creator will then lose access to the group and all the apps, map layers, and projects in that group.
Work with Groups Managed by your Identity Provider (Azure, Okta, etc.)
If your organization has created groups in your identity provider (idP), you will not be able to add or remove members from those groups from within Fulcrum. This member-to-group assignment must be done in the idP. Within Fulcrum, you will manage the apps, layers, and projects associated with the group.