Groups Overview

   Journey Manager (JM) The transaction engine for the platform.  |    System Manager / DevOps  |   17.10 This feature was updated in 17.10.

Manager allows you to create and use groups to implement a fine-grained control of user access to your environment. You can use this functionality to:

• Control user access to forms and their resources
• Add users to groups to enforce required user functions and responsibilities
• Extend the privileges defined through roles and their permissions
• Create working groups to allow users to collaborate to review, approve or reject application forms. For example, a reviewer who approves or rejects an application form must belong to a reviewer form group.

Manager uses the following pre-defined group types to create new groups:

• Alert groups - to notify and alert users about certain events
• Form groups - to restrict user access to forms or tasks that are associated with this group
• Job groups - to restrict access to job coordinators

Manager can use dynamically loaded groups when users are managed externally using LDAPLightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network. or SSOSingle sign-on (SSO) is a property of access control of multiple related, yet independent, software systems. With this property, a user logs in with a single ID and password to gain access to any of several related systems. authentication. Manager loads the user's group associations at login time. For LDAP users, groups are usually defined as a distinguished name, such as "CN=mygroup,OU=Distribution Groups,OU=MyBusiness,DC=mycompany". Manager parses these group name, so "CN=mygroup"becomes "mygroup". For SSO users, the group names can be passed in while creating a SSO token.

Next, learn how to view groups.