Group management
Create groups of admins or techs in idemeum.
Overview
Idemeum offers granular access control by using groups. You can assign admins / techs into groups, and then use groups to control access to workstations, LAPS credentials, Entra JIT accounts and more.
Create user groups
Users need to be onboarded into idemeum before they can be assigned to groups.
- Navigate to your parent idemeum tenant admin portal
- Access
Groups
and then chooseAdd group
- Provide the group name
- Choose what users need to be assigned to the group from the dropdown menu

Groups scope
Groups will propagate to all your child organizations and customer tenants. You will be able to use groups for various use cases:
- Use groups to delegate access to organizations / customers
- Use groups to control who has access to LAPS credentials in the organization / customer tenant
- Use groups to define what Entra ID role gets assigned to Entra ID JIT account
- Use groups to control access to workstations when logging in with JIT account