Security Groups and Permissions

   This article has been moved!

We've recently updated our support center articles - Please bear with us while we make the transition. This article can now be found here!

Security Groups can control how users in your account can access documentation. This guide will help you understand how to modify groups.

Group Members

You can add and remove group members from the group. To add a group member, they must not

  1. Already exist in a group. A user can only be part of one group at a time.
  2. Be an admin or super admin. These users have access to all information in Hudu.
  3. Be a Portal Member. Portal Members can't be a part of a group. 

Note: To change a user's role, can be done by editing the user.


Restricting Group Abilities


When setting a group, you have the ability to turn off features of Hudu. The abilities you can turn off from users in the group are:

  1. Tailor Dashboard to Location

    1. This will remove content like Documentation Quality Reports, Integration Info boxes from the user's dashboard as they login, simplifying what they need to see and interact with.
  2. Remove Access to Global KB
    1. This will remove a user's ability to see the Global Knowledge Base. Company-specific knowledge bases are not affected (as long as they have access).
  3. Remove Access to Personal Vaults (My Vaults)
    1. This will remove the My Vault Feature. This does not affect Company-specific passwords.
  4. Remove Access to Share
    1. This will remove the ability to share one-time passwords, KB articles, one-time notes, and real-time status reports
  5. Remove Access to Client Passwords
    1. This will remove the Password feature from all Clients/Companies.
  6. Remove Access to OTP Secrets
    1. This will remove the ability to add or edit OTP secrets for passwords in a Company/Client.


Setting Group Access Schedules

You also have the ability to control when a user's group can sign in to access Hudu; times of day and/or days of the week. This has to be enabled for users to see. User attempted logins will be logged in the activity logs.


The 2 Types of Security Groups

Deny List

This is the default. With the restriction model set to Deny List, users in this group will not be able to see the clients added here. All other clients are visible.

Allow List

With the restriction model set to Allow List, users in this group will only be able to see the clients added here. All other clients are hidden. 

Cascading Permissions

  • When a company/client is restricted, all information in a client is also restricted.
  • When there is an asset or website restricted, all passwords that have a parent/child relationship will also be restricted.

Seeing who can view a record

Who can view

By clicking the sidebar, Who can View option, you can have a nice table showing who can view a particular record.



Another feature that is helpful is our impersonation feature. As an admin, click on a user in Hudu Admin > Users, and then you can click the impersonate button to login as them and see what they can see.

Default Group

You can mark a group as a default group. This will make it be auto-selected when you create a new user who can be in the group.





Was this article helpful?
0 out of 0 found this helpful