Groups
Overview
Groups are used to assign permissions to users in XPKit. Technically they are collections of OAuth 2.0 authorization scopes granting users access to XPKit resources.
By default XPKit creates the Admin and Single sign-on groups but admins can create as many as required and assign them to users in XPKit Portal.
Default groups
There are two groups created by XPKit by default that cannot be changed or deleted:
- Admin: has all scopes assigned to it. The owner of your XPKit account cannot be removed from this
group
- Single sign-on: has two permissions only: usersso:read and usersso:update. Access tokens which have these scopes can be used to call the Auth API to retrieve and update details about the logged in
user
. Unless changed thisgroup
is the one assigned by default to users who login using the XPKit SSO.