keycloak-scim/docs/documentation/server_admin/topics/roles-groups/proc-managing-groups.adoc

56 lines
1.9 KiB
Text
Raw Normal View History

[id="proc-managing-groups_{context}"]
= Groups
[role="_abstract"]
Groups in {project_name} manage a common set of attributes and role mappings for each user. Users can be members of any number of groups and inherit the attributes and role mappings assigned to each group.
2020-11-13 14:09:23 +00:00
To manage groups, click *Groups* in the menu.
2016-05-25 20:32:21 +00:00
.Groups
image:images/groups.png[]
2016-04-18 15:15:25 +00:00
Groups are hierarchical. A group can have multiple subgroups but a group can have only one parent. Subgroups inherit the attributes and role mappings from their parent. Users inherit the attributes and role mappings from their parent as well.
If you have a parent group and a child group, and a user that belongs only to the child group, the user in the child group inherits the attributes and role mappings of both the parent group and the child group.
The following example includes a top-level *Sales* group and a child *North America* subgroup.
To add a group:
2016-05-25 20:32:21 +00:00
. Click the group.
. Click *Create group*.
. Enter a group name.
. Click *Create*.
. Click the group name.
+
The group management page is displayed.
+
2016-05-25 20:32:21 +00:00
.Group
image:images/group.png[]
2016-05-25 20:32:21 +00:00
Attributes and role mappings you define are inherited by the groups and users that are members of the group.
2016-05-25 20:32:21 +00:00
To add a user to a group:
2016-05-25 20:32:21 +00:00
2020-11-13 14:09:23 +00:00
. Click *Users* in the menu.
. Click the user that you want to perform a role mapping on. If the user is not displayed, click *View all users*.
. Click *Groups*.
+
.User groups
image:images/user-groups.png[]
+
. Click *Join Group*.
. Select a group from the dialog.
. Select a group from the *Available Groups* tree.
. Click *Join*.
2016-05-25 20:32:21 +00:00
To remove a group from a user:
2016-05-25 20:32:21 +00:00
. Click *Users* in the menu.
. Click the user to be removed from the group.
. Click *Leave* on the group table row.
2016-05-25 20:32:21 +00:00
In this example, the user _jimlincoln_ is in the _North America_ group. You can see _jimlincoln_ displayed under the *Members* tab for the group.
2016-05-25 20:32:21 +00:00
.Group membership
image:images/group-membership.png[]