Create user groups
Organize users into groups for policy targeting
Create user groups
Groups let you apply policies to sets of users without managing individuals. Groups can be sourced from your identity provider or created manually in the Console.
Group sources
| Source | Description |
|---|---|
| IdP-synced | Automatically imported from Entra ID, Okta, or Google Workspace |
| Manual | Created and managed directly in the Console |
| Dynamic | Defined by rules (e.g. all users with department=Engineering) |
Create a manual group
Navigate to Groups
- Go to Organization → Identity → Groups
- Click New Group
Configure the group
| Field | Description |
|---|---|
| Name | A descriptive label (e.g. contractors, us-remote-team) |
| Description | Optional context for other admins |
| Members | Search and add individual users |
Save
Click Create Group. The group is immediately available for use in policies.
Create a dynamic group
Dynamic groups update automatically as users match or no longer match the defined rules.
- Click New Group → Dynamic
- Define rules using attributes from your IdP (e.g.
department,jobTitle,location) - Click Preview to verify which users match
- Click Create Group
Dynamic groups are the most powerful option for large or fast-changing organizations — they eliminate manual membership management entirely.
Use IdP-synced groups
If you have connected an identity provider, your existing groups will appear automatically under Organization → Identity → Groups with a sync badge. These groups cannot be edited in Threatmatic — manage membership in your IdP.
Next steps
How is this guide?
Last updated on