Users are typically grouped together into user groups. These match very closely to how the majority of organization group together users by department and job roles. For example Account Groups might need to have access to billing and usage information, whereas System Administrators need to have access to administrate Storage, and other IT systems.
iconik Groups can mirror those organization groupings, and/or Directory groupings but it also allows a user to be a member of more than one group at a time. So for instance a user could be in the Group for uploading new Assets as well as for adding metadata. But another user is only allowed to download and add metadata.
Each group can have one or more roles associated to it. These allow granular control of what members of the group are allowed to do. For instance, a user that is in groups is only allow to download if one of the groups they are a member off has the role download.
By organizing users into groups, and then matching roles to groups you can insure functionality is only available to those that need it.
On the group edit page there are two options relevant only for users logging in and getting groups assigned via SAML.
- SAML Default User Type assigns which user type new users logging in via SAML will get if members of this group
- SAML Primary Group Priority tells if this group should be considered a primary group when adding new users via SAML login. 0 means that it will be not considered, and if a user is a member of multiple groups the one with the highest priority will be applied as primary group.
Only System Administrators are allowed to change which group you are a member of. Ask your Administrator for more details.