Child pages
  • Grouper types on objects

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Grouper types helps support and clarify the usage of types as defined in the TIER the Grouper Deployment Guide. 

This is a more structured and consistent way of accomplishing what could also done through the attribute framework


If the type is "service", and it is an indirect assignment, and the folder which assigns it has a display extension of "Student systems", then followup with a sentence (note, the folder should be linkable to that folder): This is the Student systems service.

Available Types

TypeOwner typeTooltip
refgroup/folderReference groups are institutionally meaningful cohorts used in access policy.
basisgroup/folderBasis groups represent arcane codes or attributes from external systems are used generally in reference groups and not directly in access policy.
readonlygroup/folderRead-only groups should not have membership changes except by the process that manages the group; perhaps external from the central authorization system
policygroup/folderAccess policy groups are used by downstream systems to allow or deny users access to services or resources.
bundlegroup/folderBundles are reference groups which aggregate multiple other reference groups. Reference groups are institutionally meaningful cohorts used in access policy.
securitygroup/folderSecurity groups are collections of entities who have from access privilege on a group/folder/attribute, e.g. studentSystemAdmins.
orggroup/folder"Org" or organization groups or folders are delegated to and owned by organizations in the community.
testgroup/folderTest groups or folders are not used in production systems. They could be for dev, test, performance, etc environments.
appgroup/folderApp groups or folders exist to be used in a specific application.
servicegroup/folderA service is a collection of one or many apps that comprise of a service offered to users.


Use the "More actions" button to access Type.