UW Groups are memberships of common identifiers for people, computers, and applications. Each UW Group consists of a membership list of identifiers (e.g. UW NetIDs), plus metadata about the group, such as name, description, contact, administrators, membership viewers, and authorized senders. Each UW Group can be referenced by a unique identifier called its UW Group ID.
UW Groups support collaboration and communication by making it easier to reuse groups in tools and applications. Common uses of UW Groups include email lists, calendaring, scheduling, sharing resources, surveying, and voting. Organizations, teams, and individuals can choose how they organize groups and where they use them. UW Groups can identify members of an organization or a part of one, members with a business or security role, or members with access to a resource.
The UW Groups service (groups.uw.edu) is the central location where UW Groups are created, managed, and integrated into applications. Some groups are managed by teams and individuals for ad hoc purposes such as projects. Other groups are managed by UW organizational and institutional processes like student enrollment. Authorized members of the UW community can use the service to manage groups under their authority and to delegate group administration to others as needed using flexible access controls for group administrators, membership managers, and subgroup creators. Group memberships can include people, applications, and computers, as well as other UW Groups.
Tip: Current faculty, staff, students, and retired faculty and staff can access groups.uw.edu. Just sign in with your UW NetID. Then you can view and manage groups based on access assigned to you.
Each group has a unique identifier called its UW Group ID. The UW Groups service uses a structured namespace for UW Group IDs, which allows individuals, teams, and organizations to create and manage groups independent from each other. UW Group IDs can be up to 128 characters in length and contain lower-case letters, digits, dashes, and underscores. Online tools and applications that integrate UW Groups also typically refer to them by their UW Group IDs. However, UW Groups enabled for emailing the members of the group may or may not have an email address that contains the UW Group ID.
All UW Group IDs begin with a short prefix such as "u", "uw", or "course", followed by an underscore. This prefix places the group within the top-level namespace for UW Group IDs and implies high-level characteristics such ownership or naming authority. The components following the underscore establish more specific properties, such that many UW Group IDs contain a sequence of components, each separated by an underscore, which increases in specificity from left to right.
To find UW Groups, browse and search the UW Groups service (groups.uw.edu). If you don't find a group that meets your needs, ask around. Your team or organization may already have created UW Groups that suit your needs. Or if you're collaborating within or across UW organizations, contact the related IT support staff to find out if a group exists for your purpose.
Tip: Many UW organizations are just getting started with UW Groups. When contacting them, describe what group membership you're looking for and what tools or applications you're hoping to use with UW Groups (e.g. "I'm contacting you because I'm trying to identify and survey folks in your department via a Catalyst WebQ and UW Groups...").
A "home group" is used as a starting point for creating other UW Groups. Therefore, a single home group such as "uw_law" or "u_astra" can support many purposes found in many kinds of organizations, including those that organize their groups into multi-level subgroup hierarchies (e.g "uw_law_students", "uw_law_employees", "uw_law_services"). Many UW organizations and some teams already have a home group you might be able to use.
If you don't have a home group that meets your needs, there are three options for creating them:
Tip: UW-IT recommends that home groups based on Personal UW NetIDs be used only for short-term team activities or personal purposes rather than critical long-term organizational purposes, since access to these groups may be lost if the group owner leaves the university.
To create UW Groups using your web browser:
If you want to create and manage UW Groups using an API, refer to Groups Web Service REST API.
Although you can add the initial members to a group when it is created, the routine tasks of adding and removing members is performed on the membership tab. There you can add and remove individuals by their UW NetID or Federated ID. You can also manage memberships comprising other groups as members, as well as DNS names and UWWI Computer names.
Tip: The administrators, member managers, and subgroup creators for a group aren't added automatically to the membership of a group. These roles only grant management permissions. They do not grant membership.
Adding other groups to the membership of your group is a useful feature that saves time and effort. You can add references to your own groups, as well as groups administered by others, including institutional groups. The only technical constraint on adding other groups as members is you must have permission to view the membership of the group that you want to reference as a member of your group.
The membership tab displays the current membership of a group. By default, it displays the direct members: all of the current members that were added directly to the membership of the group. If the direct membership includes other groups as members, view the effective members for an expanded view of all direct members plus the members of the other groups. The membership tab includes a few details about each direct or effective member. These details assist in reviewing the membership. On some browsers, positioning the cursor over an effective member will display pop-up information about its derivation.
Tip: The history tab can be used to review the details about how and when direct members were added and removed. You can even filter and review the history for specific members.
Each group has an optional attribute called a "membership dependency group" that allows group administrators to control the membership of one group so that it depends on the membership of another group. This feature enables you to define technical controls on the direct membership, and rely on the Groups service to enforce the controls both when new members are added and on an automated basis (once every 4 hours) to remove members who are no longer members of the membership dependency group. For example, if you add the uw_employee group as a membership dependency group, you won't be able to add members to your group who aren't members of the uw_employee group; you will only be able to add members to your group that are members of the uw_employee group. Furthermore, any member of your group who is removed from the uw_employee group will be removed automatically from the membership of your group as well.
Note: this feature only removes a maximum of 5 members each time it processes your group. If there are a lot of members to remove, it will take awhile. Note: This feature only applies the membership dependency to direct members; it doesn't apply the dependency to the effective membership of your group, nor to any subgroups. Therefore, if you want to enforce the same membership dependency on the memberships of several groups, add the same membership dependency group to each one. Tip: This feature applies to all members of the group, including UW NetIDs, groups (group-ids) as members, and other types of members. All direct members of the group must be members of the defined membership dependency group.
If you want to be notified when changes are made to the membership of a group, add it to your list of watched groups. Use the Watches menu to add and remove groups you're watching.
Add member managers to allow others to update the membership of a group. Adding a member manager gives them permission to update the membership of a group, without being able to remove the group or perform other updates. They can only update the membership.
When you create or edit a group, you can control whether or not members are permitted to join and leave the membership on their own. You can allow anyone to join or leave, or define specific groups that may do so. Sometimes this feature is described as allowing members to opt-in or opt-out of the membership.
Note: people who are members of the uw_member group may access the UW Groups Service user interface. This includes current faculty, staff, students, retired faculty and staff, as well as applications and other authorized exceptions. People who are not in this group will not be able to use the join/leave feature. Consider an alternate method for such people to request to be added to your group.
Each group has an optional classification attribute that group administrators can use to assign the level of privacy and security that should be applied to the group and its membership. The options are derived from APS 2.2 and APS 2.4, and include Public, Restricted, and Confidential.
The membership viewer control is a technical access control that restricts access to the membership of a group. Admins can use it to enforce an access policy based on data classification and evaluation of business value and risk the the UW and individuals.
To implement a variety of access policies, membership viewer controls can include to UW groups, individuals (by UW NetID), or applications (by UW CA certificate name). By default, membership viewer controls are empty, and groups without any membership viewer control can be viewed based on the default access policy (current faculty, staff, students, retired faculty and staff, as well as applications and other authorized exceptions). Additionally, membership viewer controls can be turned on and off without removing the current list of authorized clients: in the browser interface, the "no viewer restrictions" checkbox turns off viewer controls. Examples of groups with more restrictive access policies include most institutional groups provisioned from institutional data sources: UW course groups are classified as Confidential and have membership viewer controls restricting access to members only and other authorized clients; similarly, UW major, minor, and curriculum groups are classified as Restricted and their membership viewer controls restrict access to UW employees only and other authorized clients.
Institutional groups are UW Groups that are automatically updated, nightly or in real-time, from institutional data sources using institutional practices for data management: standard business definitions for membership, published data quality standards, and operational practices to clean and augment data over time. Data custodians for UW institutional data can integrate data for their business domains into the UW Groups service. Examples include:
Refer to UW institutional groups to learn more.
For many UW organizations, using institutional groups, incorporating them into their own UW Groups, and applying them appropriately in multiple application contexts is essential to organizational efficiency.
More about the groups service itself:
More about some of the applications that have integrations with groups:
More about groups integration: