> ## Documentation Index
> Fetch the complete documentation index at: https://docs.royaltyport.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Access Groups

> Scope organization members to a subset of your projects with access groups

## Overview

Access groups let you limit which projects a member can see and work in. By default,
every member of an organization has full access to all of its projects. Once you add a
member to one or more access groups, they can only reach the projects those groups grant —
everything else disappears from their view.

Use access groups when you want to give external collaborators, contractors, or focused
teams access to only the projects that concern them, without spreading that access across
your whole organization.

<Note>
  Access groups only restrict **Collaborators** and **Viewers**. Organization **Admins** always
  have full access to every project and are never limited by a group.
</Note>

***

## How Access Works

Access groups follow a simple, additive model:

* **A member in no group has full access.** Until you place someone in a group, they can
  see every project in the organization.
* **A member in one or more groups sees the union of those groups' projects.** If a member
  belongs to two groups, they can reach the combined set of projects from both.
* **Admins are never restricted.** Their access is always organization-wide,
  regardless of any group.

<Info>
  Because a member with no group keeps full access, adding someone to their **first** bounded
  group is the moment their access actually narrows. The app asks you to confirm this step so
  it's never a surprise.
</Info>

***

## Opening Access Groups

<Steps>
  <Step title="Go to Settings">
    Navigate to your organization's **Settings**.
  </Step>

  <Step title="Open the Access Groups tab">
    Select the **Access Groups** tab, located between **Members** and **Security**.
  </Step>
</Steps>

The Access Groups page lists every group in your organization, showing each group's name,
its member count, and how many projects it grants (or **All projects** if it covers
everything).

<Note>
  Only Admins can create, edit, or delete access groups and manage their members
  and projects.
</Note>

***

## Creating a Group

<Steps>
  <Step title="Click Group">
    Click the **+ Group** button at the bottom of the Access Groups page.
  </Step>

  <Step title="Name the group">
    Enter a descriptive name, such as *External accountants* or *Marketing team*.
  </Step>

  <Step title="Create">
    Click **Create**. The new group starts empty — add members and projects next.
  </Step>
</Steps>

***

## Managing Members

Open a group's three-dot menu and select **Members** to control who belongs to it.

<Steps>
  <Step title="Add a member">
    Use the **Add member** dropdown to select an organization member. Admins
    appear as **Full access** and cannot be added — they aren't restricted by groups.
  </Step>

  <Step title="Confirm the first restriction">
    If the member currently has full access (they're in no other group) and this group is
    limited to specific projects, you'll be asked to confirm. Adding them cuts their access
    down to only the projects their groups grant.
  </Step>

  <Step title="Remove a member">
    Click **Remove** next to any current member to take them out of the group.
  </Step>
</Steps>

<Tip>
  Removing a member from their last remaining group returns them to full access across the
  organization.
</Tip>

***

## Managing Projects

Open a group's three-dot menu and select **Projects** to choose which projects it grants.

<Steps>
  <Step title="Select projects">
    Check the projects this group should grant access to. Changes save immediately.
  </Step>

  <Step title="Or grant all projects">
    Turn on **All projects (incl. future)** to grant access to every project in the
    organization, including any created later. While this is on, the individual project
    checkboxes are disabled.
  </Step>
</Steps>

<Info>
  A group set to **All projects** gives its members organization-wide project access while
  still keeping them in the group. Turn the toggle off to return to a specific list of
  projects.
</Info>

***

## Editing a Group

From a group's three-dot menu, select **Edit** to rename the group or toggle its
**All projects** setting.

***

## Deleting a Group

From a group's three-dot menu, select **Delete** and confirm.

<Warning>
  Deleting a group cannot be undone. Any member who belonged only to that group — and to no
  other group — returns to full access across the organization.
</Warning>

***

## Assigning Groups When Inviting

You can place a new member into access groups at the moment you invite them, so their access
is scoped from the start.

<Steps>
  <Step title="Start an invite">
    Click **+ Member** and enter the invitee's email address.
  </Step>

  <Step title="Choose a role">
    Select **Collaborator** or **Viewer**. (Admins are always full-access, so the group
    selector is disabled for them.)
  </Step>

  <Step title="Select access groups">
    Use the **Access Groups** multi-select to choose one or more groups. Leave it empty to
    give the new member full access to all projects.
  </Step>

  <Step title="Send the invitation">
    Click **Send**. When the invitee accepts, they're placed into the selected groups
    automatically.
  </Step>
</Steps>

<Note>
  Groups that grant every project appear in the selector marked **(All projects)**.
</Note>

***

## Best Practices

<AccordionGroup>
  <Accordion title="Name groups by team or purpose">
    Clear names like *External accountants* or *EU marketing* make it obvious who belongs in
    each group and why.
  </Accordion>

  <Accordion title="Assign groups at invite time">
    Scope external collaborators from the moment they join so they never briefly see
    projects they shouldn't.
  </Accordion>

  <Accordion title="Keep Admins few">
    Admins bypass all group restrictions. Reserve the Admin role for people who genuinely
    need organization-wide access.
  </Accordion>

  <Accordion title="Review group membership regularly">
    Remove people from groups when their involvement ends to keep project access tidy.
  </Accordion>
</AccordionGroup>

***

## Troubleshooting

<AccordionGroup>
  <Accordion title="A member can't see a project they need">
    Add them to a group that grants that project, or turn on the group's **All projects**
    toggle. Remember that a member sees the combined projects of every group they're in.
  </Accordion>

  <Accordion title="A member still sees every project">
    They're likely in no group (which means full access) or they're an Admin.
    Add them to a bounded group to restrict a Collaborator or Viewer; Admins can't be restricted.
  </Accordion>

  <Accordion title="I can't manage access groups">
    Only Admins can create and manage groups. Check your role on the **Members**
    tab.
  </Accordion>

  <Accordion title="A removed member regained full access">
    That's expected — removing someone from their last group returns them to full access.
    Add them to another bounded group to keep their access scoped.
  </Accordion>
</AccordionGroup>

***

## Related Documentation

<CardGroup cols={2}>
  <Card title="Member Roles" icon="user-shield" href="/organizations/settings/members/roles">
    Understand Admin, Collaborator, and Viewer permissions.
  </Card>

  <Card title="Member Invites" icon="envelope" href="/organizations/settings/members/invites">
    Invite new members and assign their access.
  </Card>

  <Card title="Projects" icon="folder" href="/organizations/projects/overview">
    Manage the projects within your organization.
  </Card>

  <Card title="General Settings" icon="cog" href="/organizations/settings/general">
    Configure organization basics.
  </Card>
</CardGroup>
