An access group restricts access to functionality within your application. You can create multiple access groups for the same application to achieve different levels of access control.
An access group determines:
The portals users can access after they are logged in.
The roles, or privileges, available to users.
Advanced options, such as default ruleset name and version that are assigned to new rules.
An access group is associated with a user through the user's Operator ID. If a user has more than one access group defined at login, the application that is associated with the primary access group is accessed.
Security administrators can also use privilege inheritance to simplify the process of granting user access to a feature protected by privilege.
Access groups are instances of the Data-Admin-Operator-AccessGroup class.