External groups and roles

Some of the authentication providers allow external groups or roles to be added as Members of Teams in Octopus. This section outlines how to add external groups/roles to Teams.

Note: Not all authentication providers include support for external groups and roles. See Authentication provider compatibility for more information.

---

Adding external groups or roles to Octopus Teams can be helpful in controlling the permissions of users. In the case of Active Directory, when a user logs in to Octopus, we check the user’s groups. If the user is in one of the groups assigned to an Octopus Team, they are considered part of that Team and will have the permissions set for that Team.

Depending on which authentication providers you have enabled, the following buttons may appear on the Team page.

Add Active Directory group

This button appears if you have the Active Directory authentication provider enabled, and when activated you will see the following dialog

The search on this dialog will locate any groups in the domain that start with the text you provide.

Trusted domains

If your environment has trusted domains, you can search for groups in the trusted domain by prefixing the search text with ”domain” (where domain is the name of the Trusted Domain).

Add external role

This button appears if you have an external authentication provider enabled (e.g. Azure AD), and when activated you will see the following dialog

The Role Id corresponds to the role id from the external provider (learn more about roles for Azure AD), Display Name is purely for display in the Team page.

Help us continuously improve

Please let us know if you have any feedback about this page.

Send feedback

Page updated on Sunday, January 1, 2023