User groups

Members of a user group are granted permissions and privileges according to the user group policies assigned to that group. By managing permissions and privileges using groups, you can streamline how they are assigned. This means that when you add new members to a group, they are automatically assigned the same access rights as every other member of the group.

Sitecore Content Hub includes various user groups to help get you started but you can create, edit, or delete user groups from the Manage page as required if you have the necessary permissions. Some of these user groups (such as Creators, Approvers, Editors, Readers, and Guests) are intended to provide you with an example of how you might apply permissions and privileges and are used for demo purposes.

Important

We strongly recommend you create new user groups specific to your project and requirements. Precalculated permissions in Content Hub are evaluated each time an entity is created or updated. The number of user groups, and the number of policies they contain, has an impact on performance; for this reason, we recommend you have no more than 100 user groups, each containing fewer than 100 policies.

Note

A user can be a member of multiple groups.

Standard user groups

The following user groups are available as standard in Content Hub.

Important

We recommend you use the standard user groups to apply common permissions that apply to most users, and only use custom groups to apply specific permissions to individual groups who need them.

Tip

Review the Security best practices to ensure standard user groups are used and configured properly.

User group

Focus

M.Builtin.CMP.Everyone

Tasks related to content. Users have basic read permissions to content pages.

M.Builtin.SitecoreDAM.Everyone

Tasks related to digital asset management. Users have access to pages for the Sitecore Connect for Content Hub connector.

M.Builtin.Project.Everyone

Tasks related to projects. Users have basic read permissions to pages related to projects, tasks, and jobs.

M.Builtin.ProjectAdministrators

Tasks related to projects. Users have full edit permissions on all pages and entities under project.

M.Builtin.PCM.Everyone

Tasks related to the review of products and catalogs. Users have basic permissions for the PCM module.

M.Builtin.DRM.Everyone

Tasks related to the review and approval of content under DRM contracts. Users have basic read permissions for DRM tasks within projects (MRM). This user group includes several built-in rules that cannot be modified.

M.Builtin.DRM.Administrators

Tasks related to the edit of permissions on DRM rights profiles. This user group includes several built-in rules that cannot be modified.

M.Builtin.CreativeCloud.Everyone

Tasks related to the use of the Sitecore Connect Creative Cloud connector. Users have access to the pages used in the connector.

M.Salesforce.MC.Everyone

Tasks related to the Salesforce connector. Users have access to the pages used in the connector as well as read and edit permissions.

M.Salesforce.MC.Editors

Tasks related to the Salesforce connector. Users have access to the pages used in the connector as well as read and edit permissions.

M.Builtin.Chili.Everyone

Tasks related to the use of the Sitecore Content Publisher (formerly known as the Chili publisher). Users have read and edit permissions for Chili print.

M.Builtin.Chili.Administrator

Tasks related to the use of the Sitecore Content Publisher (formerly known as the Chili publisher). Users have read and edit permissions for Chili print as well as additional permissions to create, update, and delete.

M.Builtin.SM.Everyone

Tasks related to state flows. Users have view permissions for state flows.

M.Builtin.SM.Administrators

Tasks related to state flows. Users have view and edit permissions for state flows.

Note

The M.Sitecore.Support user group is an internal user group used by the Sitecore Support team to log in for troubleshooting.

Everyone user group

The Everyone user group is a system-level user group that cannot be deleted. Every new Content Hub user is added to this group automatically when their account is created. We recommend that the Everyone user group include the minimum permissions required by any user in Content Hub, and that you create additional user groups specific to your requirements. If you change user group policies for the Everyone default user group, your changes affect all users in the system.

Important

Do not remove users from the Everyone user group because this will remove the baseline permissions required for them to access the system. We strongly recommend that you do not modify permissions for this user group because it might cause users to lose access to features and functions. For example, do not remove the Read permission from this group.

Do you have some feedback for us?

If you have suggestions for improving this article,