Group aliasing

You can hide, rename, and add groups in Opal that you imported from your IDP, without affecting the group in your underlying IDP. This can be useful to clarify to end users which apps they should request to access, and helps simplify the Catalog experience.

Hide groups in Opal

You may want to hide groups that certain users should belong to, but which you don’t intend for other users to access—for example, an engineering group Engineering Birthright may not make sense for users outside of that organization. Hiding a group does not alter its display in your IDP—Okta, Azure, Workday, etc.—and hidden groups are still visible to admins and owners in the Inventory.

To hide a group in Opal, go to the Inventory page and find the group. Select the eye icon in the far right column, then confirm the modal.

Rename groups in Opal

Renaming a group can help you clarify to end users the effects of requesting access.

For example, you may have an Okta group named Design Tooling, which you don’t want to rename in Okta but only want to use in Opal for Figma access. Select Edit Catalog Name to rename the group—in this example, to Figma Editor—so users know what they’re requesting. The name in the Inventory then remains the same.

Add groups as resources in Opal

You may want to create groups in Opal which do not have access relationships in your IDP. For example, Okta push groups may need to be requested by end users to associate the group and app, but the group should not have direct access to Okta apps. For these cases, you can add groups as resources from the app's Inventory page by selecting Add Resources.