Overview
Groups allow you to define who can request access to specific applications in the App Access Catalog.
By using groups, you can control eligibility and ensure that only relevant users can request access.
What are groups?
Groups are collections of users defined using user filters. They allow you to dynamically group users based on attributes such as department, location, or other criteria.
Groups are currently shared with another Torii feature - Access Governance - they are not limited to the App Access Catalog.
Key capabilities
- Control eligibility: Define who can request access to each application
- Dynamic grouping: Automatically include users based on filters
- Scalability: Apply rules to large sets of users without manual updates
Creating and managing groups
- Navigate to App Catalog
- Go to the Groups Tab
- Click Add group
- Define the group using user filters (e.g., department, role, etc.)
- Save it
Using groups in the App Access Catalog
Once created, groups can be assigned to applications to control access requests:
- Navigate to the Access Request policies tab
- Select an application
- Configure the Access Request Policy
- Assign one or more eligible groups
Only users in the selected groups will be able to request access to that application.
Notes
- Groups are shared across features, including Access Governance
- Changes to a group will automatically affect all features where the group is used
- Carefully review group definitions to ensure correct access eligibility