mirror of
				https://github.com/datahub-project/datahub.git
				synced 2025-10-26 08:25:02 +00:00 
			
		
		
		
	
		
			
	
	
		
			33 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
		
		
			
		
	
	
			33 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			Markdown
		
	
	
	
	
	
|   | # Authorization using Groups
 | ||
|  | 
 | ||
|  | ## Introduction
 | ||
|  | 
 | ||
|  | DataHub provides the ability to use **Groups** to manage policies. | ||
|  | 
 | ||
|  | ## Why do we need groups for authorization?
 | ||
|  | 
 | ||
|  | ### Easily Applying Access Privileges
 | ||
|  | 
 | ||
|  | Groups are useful for managing user privileges in DataHub. If you want a set of Admin users, | ||
|  | or you want to define a set of users that are only able to view metadata assets but not make changes to them, you could | ||
|  | create groups for each of these use cases and apply the appropriate policies at the group-level rather than the | ||
|  | user-level. | ||
|  | 
 | ||
|  | ### Syncing with Existing Enterprise Groups (via IdP)
 | ||
|  | 
 | ||
|  | If you work with an Identity Provider like Okta or Azure AD, it's likely you already have groups defined there. DataHub | ||
|  | allows you to import the groups you have from OIDC for [Okta](../generated/ingestion/sources/okta.md) and | ||
|  | [Azure AD](../generated/ingestion/sources/azure-ad.md) using the DataHub ingestion framework. | ||
|  | 
 | ||
|  | If you routinely ingest groups from these providers, you will also be able to keep groups synced. New groups will | ||
|  | be created in DataHub, stale groups will be deleted, and group membership will be updated! | ||
|  | 
 | ||
|  | ## Custom Groups
 | ||
|  | 
 | ||
|  | DataHub admins can create custom groups by going to the **Settings > Users & Groups > Groups > Create Group**.  | ||
|  | Members can be added to Groups via the Group profile page. | ||
|  | 
 | ||
|  | ## Feedback / Questions / Concerns
 | ||
|  | 
 | ||
|  | We want to hear from you! For any inquiries, including Feedback, Questions, or Concerns, reach out on Slack! |