Group Membership Admin role

This is an Early AccessEarly Access (EA) features are opt-in features that you can try out in your org by asking Okta Support to enable them. Additionally, the Features page in the Okta Admin Console (Settings > Features) allows Super Admins to enable and disable some EA features themselves. feature. To enable it, use the Early Access Feature Manager as described in Manage Early Access and Beta features .

The Group Membership AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. role grants permission to view all users in an orgThe Okta container that represents a real-world organization. and manage the membership of groupsGroups allow you to organize your end users and the apps they can access. Assigning apps to large sets of end users is made easier with groups..

The Group Membership Admin role can be a standalone assignment for admins who need to add and remove existing in a group, or it can be combined with a role like Group Admin or Help Desk Admin for broader user management permissions. These combinations enable an admin to add, remove, and deactivate existing users, reset their passwords, and change their MFA.

To assign the Group Membership Admin role:

  1. In Admin Console, go to Security > Administrators.
  2. Click Add Administrator.
  3. In the Grant administrator role to field, enter the admin’s name.
  4. Select Group Membership Admin.
  5. Choose one of the following Group Membership Admin Permissions:
    • Can administer all group memberships
    • Can administer group memberships in specific groups: Enter the names of the Okta groups whose membership can be managed by this admin.
  6. Click Add Administrator.

Edit an administrator

On the Security > Administrator page, select the pencil icon to edit an administrator or the X icon to delete an administrator. If you delete an administrator, you revoke all administrator privileges but do not delete the individual user.