Learn how user group memberships work in LogScale, including how users can belong to multiple groups that determine their access permissions and data visibility. Configuration options like LDAP and SAML allow for synchronizing group memberships from external directories. Other options include automatic user creation upon login and settings to control access based on group assignments.

A user may be a member of zero or more groups. Users who are not members of any groups can log in but can not access anything but the personal sandbox and the system repos that provide access to data on their own actions and metrics. A user can also have direct role assignments on a view.

The group memberships usually stem from an external directory, such as your LDAP tree or an IDP (Identity Provider). It is also possible to edit the group memberships through the user interface to support cases where the login mechanism only supplies the identity of the user and not the group memberships.