<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y00006ckNxxSAEOkta Classic EngineAdministrationAnswered2024-04-12T20:09:42.000Z2019-09-03T14:57:42.000Z2020-07-06T07:23:46.000Z

00uljxagflVREYsrn351.5578706922750068E12 (Customer) asked a question.

September 3, 2019 at 2:57 PM
Group Admin Role Limitation on Add/Remove Users

We were hoping that the Group Admin Role, when permissions are specified to specific named groups, would allow those admins to add/remove users from the specified groups. It seems however, that this setting only allows the admin to add "new users" to the specified groups. They are not allowed to add/remove existing users.

 

Are we understanding that limitation correctly? Is there anyway to specify an admin with rights to add/remove users only to specific groups, via the UI or API, or is this right only provided to users with the full Group Administrator role?

  • 2 answers
  • 1.2K views

  • ashwin.sasidharan1.5415809759813984E12 (Okta, Inc.)

    Hello Jack,

     

    Thank you for posting your question in the community forum. If the group admin is for all the users then the group admin can add and remove any users from the group. If the admin is for a specific group then admin should be able to create a user and add them to the groups they manage. They can also remove the members from the group. But they will not be able to add any existing user to the group.

     

    The present functionality works like this and I hope I this helps you. If you have any questions or need any additional assistance in setting up the permissions kindly contact Okta support and an Engineer will assist you with the set up.

     

    Thank you.

    Expand Post
    Selected as Best

  • ashwin.sasidharan1.5415809759813984E12 (Okta, Inc.)

    Hello Jack,

     

    Thank you for posting your question in the community forum. If the group admin is for all the users then the group admin can add and remove any users from the group. If the admin is for a specific group then admin should be able to create a user and add them to the groups they manage. They can also remove the members from the group. But they will not be able to add any existing user to the group.

     

    The present functionality works like this and I hope I this helps you. If you have any questions or need any additional assistance in setting up the permissions kindly contact Okta support and an Engineer will assist you with the set up.

     

    Thank you.

    Expand Post
    Selected as Best

  • 0pd0q (0pd0q)

    Hi Ashwin,

     

    We have added users to a group and granted the following admin privileges:

     

    1. Group Administrator (All)
    2. Read Only Administrator
    3. Report Administrator
    4. Help Desk Administrator (All)

    When users from this group try to 'Manage People', they are not able to add/remove users. Any possible reason?

     

    Thanks,

    Ashwini

    Expand Post
This question is closed.
Loading
Group Admin Role Limitation on Add/Remove Users