Documentation Index
Fetch the complete documentation index at: https://knowledge.goautonomous.io/llms.txt
Use this file to discover all available pages before exploring further.
Overview
User groups are how you control access in Go Autonomous. A group bundles together a set of permissions — which products users can use, which areas they can see, which inboxes and intents they can work with, and which administrative pages they can reach. You then assign users to groups, and they inherit everything that group allows. Find groups under Administration → Access Control → User Groups.The Access Control Manager group
Every Go Autonomous environment includes one protected system group: Access Control Manager. Members of this group have full access to manage the Access Control area itself — adding and removing users, creating and editing user groups, and configuring SCIM. The group cannot be deleted, and its permissions cannot be edited (a shield icon marks it on the User Groups page). You can still add and remove members from it. This is the only system-protected group in the long-term setup. All other groups in your environment are fully editable.Create a user group
Pick a template (optional but recommended)
Templates pre-fill permissions across every tab, so you only need to adjust what’s different.
Templates are only available when creating a new group, not when editing or copying.
| Template | Pre-configured access |
|---|---|
| Everyday User | Full Flow and Workstation access in the default area |
| Platform Administrator | Full access to all products and user management in the default area |
| IT Administrator | Edit access to integration pages only (Connectors, Authenticators) |
| Super User | Everyday user access plus user management capabilities |
| Custom | No pre-configured permissions — start from a blank slate |
Configure each tab
Work through the tabs to define what this group can do. Each tab is described below.
The group configuration tabs
Basic Info
The group’s name (required and unique) and an optional description.SCIM/SSO
External Group ID mapping and sync settings. Use this tab when you want this group’s membership to sync automatically from your identity provider. See Setting up SCIM for the complete walkthrough.Spaces
Define the access scope for this group:- Mode — choose between Area (filter mails by geographic area) or Inbox (filter by inbox assignment).
- Areas — select specific areas, or use Default (All Areas) for full access.
- Inboxes — select specific inboxes; with no selection, the group has access to all inboxes. Public and private inboxes are distinguished with icons.
- Intents — choose allowed intents from the hierarchical Category → Subcategory → Intent tree. When Inbox mode is selected, available intents may be limited based on inbox restrictions.
Products
Toggle each product on or off and configure access levels:| Product | Configuration |
|---|---|
| Flow | Master toggle + In-area access (Viewer / Editor) + Out-of-area access (No Access / Viewer) |
| Workstation | Master toggle + Visibility (Assigned Only / All Mails) |
| Pulse | Master toggle + Access Level (Viewer / Editor) |
| Axon | Master toggle + Access Level (Viewer / Editor) |
Administration access
The administration areas of the platform are controlled together with simple Editor or No Access levels for now. Granular per-page controls are on the way.| Area | Access levels |
|---|---|
| Company Settings | No Access, Editor |
| Access Control | No Access, Editor |
| Audit Trail | No Access, Editor |
Copy a group
Use copy to quickly create a variant of an existing group. Click the Copy icon on any group card. The dialog opens pre-populated with the source group’s settings:- The name is auto-suffixed with (Copy) and must be changed to something unique.
- SCIM/SSO settings are reset — the External Group ID is cleared and sync is disabled.
- No members are copied — the new group starts empty.
Edit a group
Click any group card to open the details sheet, then click Edit to make changes. Members of protected groups can be managed but the group’s settings cannot be changed.Delete a group
To delete a group, open the group’s menu and select Delete. To confirm, you must type the group name exactly. If the group has members, you’ll be prompted to migrate them to another group before the deletion completes — this prevents users from being orphaned without permissions. If the group is synced via SCIM/SSO, you’ll see a warning that you’ll need to remove or reassign the group mapping in your identity provider configuration after deletion.Protected groups
The Access Control Manager group is protected. Members of this group are granted full access to everything in the Access Control area — they can add and remove users, create and edit other user groups, and configure SCIM. The group itself can’t be edited or deleted, though members can still be added to and removed from it. A shield icon marks protected groups on the card and the details sheet. For the full breakdown of what each access level means in each product, see Permission levels by product.Group details sheet
Clicking a group card opens a details sheet with everything about the group:- Name, description, and Copy/Edit buttons
- SCIM/SAML sync badge if applicable
- Created date, created by, last synced timestamp, and external ID
- Up to 4 member avatars with names; if there are more, a “View all X members” link opens the Users page filtered to that group
- Space access (either Inbox Assignments or Area Access)
- Intent access list
- Product access summary
- User access privileges (categorised by level)
- Page access (categorised as Full Access, Area Only Editing, or View Access)
What’s next
- User Management for adding users to your groups.
- Setting up SCIM to automate group membership from your identity provider.
- Changes in User Permissions to understand how the new permission model differs from the old role-based system.