<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Custom Admin That Can Create Groups But Excluded From Accessing Other Groups
Nov 28, 2025
Okta Classic Engine
Okta Identity Engine
Admin Roles
Overview

This article clarifies whether a custom admin role can be configured to create new groups while being restricted from accessing other specified groups.

Applies To
  • Custom Admin Roles
  • Group Administration
Solution

It is not possible to configure a custom admin role with permissions to create new groups while also restricting that role from accessing other specified groups.

To submit an idea as a feature request for consideration in the Okta Product Roadmap, refer to the following article for more information about Okta Ideas: How to Submit a Feature or Enhancement Request using Okta Ideas.

Related References

Recommended content

Still looking for help?
Loading
Custom Admin That Can Create Groups But Excluded From Accessing Other Groups