Select User Groups for Self-Service
If you use provisioning and restricted agents, you can select the user groups that you want to make available to users when they enroll in Self-Service. The user groups in which a user enrolls determine which restricted agents the user can use to authenticate. The user groups that you select are displayed on the Self-Service Console. If you select no user group, the User Group Selection page does not display during enrollment.
When selecting user groups for Self-Service, consider the following:
Users can request membership in internal groups only. AM cannot add users to groups in external identity sources.
Which user groups provide users with the access to resources that they need
Whether there are any user groups that you do not want users to access
Whether there a user group that you want all users to access
If you set a default group, users can only belong to the default group.
If you do not use restricted agents, you do not need to select user groups for provisioning.
Note: Users can request additional user group membership after enrolling in Self-Service, as long as the user group resides in the internal database.
Procedure
In the Security Console, click Setup > Self-Service Settings.
Click Select User Groups.
Click Next to select the internal database, the only identity source that contains user groups that you can make available to users for enrollment.
In the Display Name for User Group Selection Component field, enter user-friendly text about choosing a user group. For example, if remote access is protected by a restricted agent, you might enter “Select your access method.”
Click Select More Groups to view a list of available groups for the identity source you selected.
Select the user groups you want, and click Make Available.
(Optional) In the Display Name field, add a descriptive name for the user group. For example, enter “VPN.”
(Optional) Click the Default Group check box for each user group that you want assigned by default to all new users who enroll through the Self-Service Console.
Click Save.
Related Articles
RSA Identity Governance & Lifecycle request form does not populate Entitlement selector correctly Number of Views New Feature: Log Artifact in RSA Governance and Lifecycle Number of Views RSA Governance & Lifecycle Webservice RESTful Connector Datasheet Number of Views Identities are not sorted alphabetically in RSA Kety Manager Server 2.2 Number of Views ORA-31061 or ORA-19202 generating ASR report or Log Artifacts in RSA Identity Governance & Lifecycle Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Governance & Lifecycle 8.0.0 Administrators Guide RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
