User group concept
On this page
To manage permissions more easily, the members of an organization are managed through groups. The following applies:
- Permissions can be set at both user and group levels.
- A user can belong to several groups within an organization.
- A user's permissions are the sum of all the permissions granted to them individually plus all the permissions granted by the groups they are a member of.
When a new organization is created, two groups are automatically created for the organization:
- Members group: This group contains all DevOps platform (DOP) users of the organization. Any DOP user added to the organization is automatically added to this group. By default, members of this group have no rights related to the organization. This group cannot be deleted and its composition cannot be changed.
- Owners group: This group is intended to include the organization admins. The organization's creator (if they use a DOP user account) is automatically added to this group. By default, members of this group have full control over the organization. This group can be deleted, and its name and composition can be changed.
In addition, a technical group - the Anyone group - is used to manage the permissions on public projects of users who are not members of the organization. This technical group is visible on the project level only. By default, members of this group have no permissions. They may be granted organization-level permissions (except Administer organization) and permissions on public projects (except Administer project).
The figure below shows the three groups related by default to an organization.
You can define and add custom groups to an organization.
Related pages
- Managing the user groups of your organization
- Setting the organization-related permissions of a group
- Setting the project-related permissions of a group:
- At the organization level (through templates)
- At the project level
Was this page helpful?