You can use groups in SharePoint Online to provide users with the same permissions. Groups that you add for site collections are valid for all sites in that site collection. SharePoint Online roles that you define for a site are assigned directly to groups. All user accounts that are members of these groups obtain the permissions defined in the SharePoint Online roles for this site.
You can edit the following group data in the One Identity Manager:
- Object properties like display name, owner, or visibility of memberships
- Assigned SharePoint Online role and user accounts
- Usage in the IT Shop
- Risk assessment
- Inheritance through roles and inheritance restrictions
Detailed information about this topic
- SharePoint Online group master data
- Specifying categories for inheriting SharePoint Online groups
- SharePoint Online group inheritance based on categories
