# Managing groups
This page explains the user group concept in SonarQube Server and how to create and populate them.
## User group concept
To manage permissions more easily, users can be managed through groups. The following applies:
* Permissions can be set at both user and group levels.
* A user can belong to several groups within an organization.
* A user’s permissions are the sum of all the permissions granted to them individually plus all the permissions granted by the groups they are a member of.
{% hint style="info" %}
Depending on the authentication method used, automatic group synchronization may be used. For more information, see [overview](https://docs.sonarsource.com/sonarqube-server/2025.1/instance-administration/authentication/overview "mention").
{% endhint %}
Two default built-in groups are used:
* The **sonar-users** group contains all authenticated users. You can edit the group’s permissions, but you cannot delete it or change its name or content.
* The **sonar-administrators** group contains the default system administrator (admin) that is created during SonarQube Server instance installation. You can manage this group as any other group.
{% hint style="warning" %}
For security reasons, it is highly recommended that the **sonar-administrators** group’s name be changed. If [authentication](https://docs.sonarsource.com/sonarqube-server/2025.1/instance-administration/authentication "mention") is used, this group may be used to gain unauthorized access.
{% endhint %}
## Creating a new user group
1. In the top navigation bar, go to **Administration > Security > Groups**. The **Groups** page opens with the list of existing user groups.
2. Select the **Create Group** button. The **Create Group** dialog opens.
3. Enter the group name and description.
4. Confirm with **Create**. The new group is added to the list.
5. In the **Members** column, select the list icon to add users to the group: see below.
## Adding/removing users to/from a group
You cannot add or remove users from a group if automatic group synchronization is used. For more information, see [overview](https://docs.sonarsource.com/sonarqube-server/2025.1/instance-administration/authentication/overview "mention").
To add or remove users to/from a user group:
1. In **Administration > Security > Groups**, retrieve the group.
2. In the group’s **Members** column, select the icon. The **Users list** dialog opens.
3. Select the **All** option.
4. Select or unselect the check box to add or remove a user to or from the group.
5. Select the **Done** button.
## Changing the name or description of a group
1. In **Administration > Security > Groups**, retrieve the group.
2. In the group’s **Actions** column, select the menu icon.
3. In the menu, select the **Update details** command. The **Update Group** dialog opens.
4. Edit the group details and select the **Update** button.
## Deleting a user group
You can only delete a group if it does not result in the removal of all global System Administrators.
To delete a group:
1. In **Administration > Security > Groups**, retrieve the group.
2. In the group’s **Actions** column, select the menu icon.
3. In the menu, select the **Delete** command and confirm.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.sonarsource.com/sonarqube-server/2025.1/instance-administration/user-management/user-groups.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.