Skip to content

Commit

Permalink
reword
Browse files Browse the repository at this point in the history 
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
  • Loading branch information
@BeryJu
BeryJu committed Apr 15, 2024
1 parent 56bb16d commit 5e6a6d4
Showing 1 changed file with 6 additions and 7 deletions.
13 changes: 6 additions & 7 deletions website/docs/user-group-role/groups/manage_groups.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,14 +44,13 @@ You can assign a role to a group, and then all users in the group inherit the pe
Requires authentik 2024.4
:::

To delegate user management of a group, the following permissions need to be granted on a specific _Group_ object:
To give a specific Role or User the ability to manage group members, the following permissions need to be granted on the matching Group object:

- Can view Group
- Add user to group
- Remove user from group
- Can view group
- Can add user to group
- Can remove user from group
- Can access admin interface (for managing a group's user within the authentik Admin interface)

In addition to that, the permission to view a subset or all users needs to be assigned.
In addition, the permission "Can view User" needs to be assigned, either globally or on specific users that should be manageable.

These permissions can be assigned to a [Role](../roles/index.mdx) or directly to a [User](../user/index.mdx).

In addition, to manage users of a group using the authentik Admin interface, the permissions **Can access admin interface** needs to be granted.

0 comments on commit 5e6a6d4

Please sign in to comment.