Help center Get started Knowledge center Product documentation API documentation
Product
Lens Weave Maskbits
Overview
Design
Project
Chart Designer
Visualization
Table Bar Chart Horizontal Bar Chart Stacked Bar Chart Horizontal Stacked Bar Chart Area Chart Line Chart Funnel Chart Pie Chart Donut Chart Waterfall Chart Radar Line Chart Numbered Card Semi Gauge Chart Radial Gauge Chart Linear Gauge Chart Financial Chart Full Gauge Chart Form View Pivot Table Box Plot Chart Geo Chart Tree List Tree Map Sankey Chart Bubble Chart Pyramid Chart
Analytics
Metrics Analysis
Custom Scripts Dimensions Filters Reports
Library
Charts Reports Templates
Dashboard
Dashboard
Schedule
Scheduler
Inbox
Inbox
Migration
Migration
Datasource
Datasource
Datasource Management
Data Model
Connectors Management
Admin
Admin
User Management Roles Management Group Management Organization Management Security Tags
Product
Lens Weave Maskbits
Overview
Data
Data Import Output Result
Data Preparation
Cleansing Imputation Duplicates Filter Fuzzy Filter Outlier Treatment Binning Trimming Validation Sorting
Transformation
Data Transformation Bulk Data Transformation Merge Union Fuzzy Merge Encoding Normalization Scaling Standardization Aggregate Unpivot Functional Transformation SQL Executor
Statistical Plots
Box Plot Correlation Histogram Pair Wise Line Plot Scatter Plot Bar Plot Stem Plot Step Plot Fill Between Stack Plot Descriptive Statistics
Workflow Agent
Workflow Agent
Scheduler
Scheduler
Datasource
Datasource
Datasource Management
Data Model
Connectors Management
Admin
Admin
User Management Roles Management Group Management Organization Management
Product
Lens Weave Maskbits
Overview
Deidentification
Deidentification
Deidentification workflows
Auto Configure
Auto Configure
Sensitive data detection
Excel Configuration
Excel Configuration
Importing configuration
Manual Configuration
Manual Configuration
Rule Configuration
Datasource
Datasource
Datasource Management
Data Model
Connectors Management
Admin
Admin
User Management Roles Management Group Management Organization Management

Overview

Group Management is the Account Admin surface for organizing users into groups and assigning roles, permissions, and shared content at group level. A group is a named collection of users with one or more roles attached; members of the group inherit those roles in addition to any roles they hold directly. Subgroups extend a parent group with additional members and additional permissions.

Group Management is accessed from Admin → Group Management. The page lists all groups in the active organization, supports search, and exposes per-group edit and delete actions. Groups are scoped to a single organization and can be nested to any depth, with any number of subgroups per parent.

When to use it

  • A new team or department is being onboarded and needs a shared role assignment.
  • A reorganization changes which users belong to which functional teams.
  • A subset of an existing team needs additional access — model this as a subgroup rather than a separate top-level group.
  • A Report or Weave Flow needs to be shared with everyone in a team, including future joiners — share to the group instead of individual users.
  • Direct role assignments are becoming hard to maintain at scale.

Group hierarchy

Datanyx groups support arbitrary-depth nesting. A group with no parent is a top-level group; any group can be designated the Parent Group of one or more child groups, and those children can in turn be parents themselves. There is no fixed limit on hierarchy depth or on the number of subgroups under a parent.

Top-level groupA group with no parent. Members receive the group’s roles directly. Typically models a department, business function, or major team.
SubgroupA group which is under a Top-level group. Members receive the subgroup’s own roles plus all roles and cascaded permissions from every ancestor up the chain. Used for divisions, sub-teams, projects, or any scope that sits within a broader team.
Multi-parent siblingsA parent group can contain multiple subgroups. Subgroups at the same level maintain separate permissions and do not inherit access from one another.

Add Group pop-up fields

Group NameUser-supplied identifier; must be unique within the organization.
Parent GroupOptional. Leave empty for a top-level group. Select any existing group to create a subgroup under it; the selected group becomes the new group’s parent regardless of its own depth.
Select UsersMulti-select list of users in the current organization to add as members.
Select RolesMulti-select list of roles to assign to every member of the group. Roles must already exist in Roles Management.

Group list columns

MembersCount of users currently in the group.
RolesRole assigned to the group and the Roles inherited from the parent.
SubgroupsSubgroups under the parent.

Key behaviors

Role aggregation is a union. A user’s effective roles are the union of every source: direct role assignments, roles from each group the user belongs to, and roles inherited from each group’s parent. Removing a role from one source does not revoke it for users who receive the same role through another source.

Direct role assignment remains supported. Users can still be assigned roles directly without being members of any group. Direct and group-based assignments coexist; both contribute to the user’s effective roles. Existing tenants do not need to migrate to group-based assignment.

Permission inheritance flows downward. Subgroups automatically inherit all permissions from their parent group. A subgroup’s own permissions are added on top of inherited ones. Members of a subgroup receive both their own and the parent’s permission set.

Sharing cascades to descendants. When a Report, Workflow, or other artifact is shared with a group, every member of that group receives access — including members of all subgroups beneath it. Sharing to a subgroup grants access only to that subgroup and its descendants, not to the parent or sibling groups.

Organization scope. Groups exist within one organization and are not visible to users in other organizations. Users who need access to multiple organizations must be added to groups in each.