Team & Access – Members Management

Scope

This document explains how Team & Access works at the Organizational Unit (OU) level, focusing on how Members, Groups, Roles, and Permissions are managed together to control access.

I am new. Where should I start?

Start by understanding the access model:

  • Members are individual users.

  • Groups are collections of members.

  • Roles define what actions are allowed.

  • Permissions are the smallest access units contained inside roles.

Best practice: assign permissions to roles, roles to groups, and users to groups.

Purpose

  • Manage who has access to an Organizational Unit

  • Control what users can see and do

  • Simplify access management using groups and roles

  • Ensure consistent and secure permission assignment

Prerequisites

Before managing Team & Access, ensure that:

  • You have Admin or Access Management permission on the OU

  • The Organizational Unit already exists

  • Required roles are already defined (or default roles are available)

I already understand. How do I proceed step by step?

1. Open Organizational Units

Navigate to Organization → Organizational Units and select the target OU.

2. Open Team & Access

From the OU details page, open the Team & Access section.

This section includes:

  • Members

  • Groups

  • Roles & Permissions

3. Manage Members

Members represent individual users within the OU.

You can:

  • View all members in the OU

  • Invite new members

  • Remove existing members

  • View assigned roles (direct or via group)

4. Add a Member

  1. Click Add Member

  2. Enter the user’s email

  3. Assign one or more groups

  4. (Optional) Assign a role directly

  5. Confirm the invitation

Note: Direct role assignment should be limited to special cases.

5. Manage Groups

Groups help organize members and simplify permission management.

You can:

  • Create a new group

  • Add or remove members from a group

  • Assign roles to a group

Example groups:

  • QA Team

  • Backend Team

  • Security Admins

5.1 Add a Group to the Workspace

  1. Click + Add groups.

  2. Search and select a group by name or code

  3. Confirm to Assign the group.

Members of the added group will automatically gain access to the workspace.

5.2 View Group Members

  1. In the Groups list, click the Action (⋯) menu of a group.

  2. Select View members.

  3. A side panel opens showing:

    • Member name

    • Email

    • Added date

    • Added by

This view is read-only and reflects members synced from the organization.

5.3 Manage Roles for a Group

  1. In the Groups list, open the Action (⋯) menu.

  2. Select Manage roles.

  3. Choose one or more roles from Select roles.

  4. Assigned roles define the permissions for all members of this group within the workspace.

Any role change applies immediately to all current and future group members.

5.4 Remove a Group from the Workspace

  1. Open the Action (⋯) menu of the group.

  2. Select Remove.

  3. Confirm the removal.

Warning:

  • Removing a group will revoke all roles and permissions granted through this workspace for its members.

  • The group itself is not deleted from the organization.

6. Manage Roles & Permissions

Roles

Roles are collections of permissions.

You can:

  • View predefined roles

  • Create custom roles (if supported)

  • Assign roles to groups or members

Permissions

Permissions define specific allowed actions, such as:

  • Read resources

  • Create or update data

  • Manage access settings

Permissions are not assigned directly to users — they are always part of a role.

Result

After completing these steps:

  • Members have controlled access to the OU

  • Permissions are consistently applied through roles

  • Groups simplify onboarding and access updates

  • The OU follows security and access best practices

PreviousManage Workspace levelNextGroup management

Last updated