Access Groups Administration

Access groups let administrators define a named permission profile and assign multiple users to it. This page covers governance and operational management of groups from an admin perspective.

Creating a group

Go to Admin → Access control groups.
Select New group.
Set the group name, scope (project or organization), and role.
Add initial members.
Save.

Group scope

Scope	Behaviour
Project	Applies only within the specified project.
Organization	Available across all projects; member inherits the role on each project they are active on.

Assigning permissions

Groups are assigned a Workflows role. All members inherit that role's permissions. You cannot create a group with higher permissions than your own admin level.

Adding and removing members

Open the group and use Edit members. Changes take effect immediately. Removed members revert to any individually assigned role they hold; if none, they lose access.

Governance recommendations

Review group membership at project milestones, staff changes, and phase completions.
Document the purpose of each group in the group description field.
Avoid creating overlapping groups for the same discipline to keep the permission model predictable.
Archive (do not delete) groups that are no longer active to preserve audit history.

Auditing group changes

All group membership changes are logged in the organization audit trail. See Audit trail for how to retrieve this log.

Creating a group​

Group scope​

Assigning permissions​

Adding and removing members​

Governance recommendations​

Auditing group changes​