Safe AI Workbench Developer DocsAI-powered workspace with PHI protectionHIPAA-compliant API

Groups & Sharing Guide

Manage team access to AI tasks with groups and sharing controls

What are Groups?

Groups allow you to organize users and control access to AI tasks. Use groups to:

Share custom AI tasks - Make tasks available to specific teams
Control task visibility - Limit which tasks users can see and execute
Organize by department - Create groups for HR, Finance, Ops, etc.
Apply group-specific policies - Different safety rules for different teams

Creating a Group

Create groups via the Admin Dashboard or API:

POST /api/groups
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

{
  "name": "HR Team",
  "description": "Human Resources department access to HR-focused AI tasks",
  "orgId": "org_abc123"
}

Response:

{
  "groupId": "grp_xyz789",
  "name": "HR Team",
  "description": "Human Resources department...",
  "orgId": "org_abc123",
  "createdAt": "2024-01-15T10:30:00Z",
  "memberCount": 0,
  "taskCount": 0
}

Adding Members to Groups

Add users to a group to grant them access:

POST /api/groups/:groupId/members
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

{
  "userId": "usr_abc123",
  "role": "member"  // or "admin" for group administrators
}

💡 Member Roles:

member - Can use shared tasks, view group info
admin - Can add/remove members, share tasks, edit group

Sharing Tasks with Groups

When you create a custom AI task, you can share it with specific groups:

POST /api/admin/tasks
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

{
  "taskKey": "hr-exit-interview",
  "name": "Exit Interview Summary",
  "description": "Summarize exit interview notes and extract key themes",
  "category": "hr-comms",
  "systemPrompt": "You are an HR professional...",
  "userPromptTemplate": "Summarize this exit interview: {content}",
  "maxTokens": 1000,
  "enabledForAll": false,  // Not available to all users
  "enabledGroupIds": ["grp_xyz789"]  // Only shared with HR Team group
}

✅ Result: Only members of the "HR Team" group can see and execute the "Exit Interview Summary" task.

Listing User's Groups

Users can view their group memberships:

GET /api/groups/my-groups
Authorization: Bearer YOUR_API_KEY

Response:

{
  "groups": [
    {
      "groupId": "grp_xyz789",
      "name": "HR Team",
      "description": "Human Resources department...",
      "role": "member",
      "joinedAt": "2024-01-10T08:00:00Z",
      "taskCount": 5  // Number of tasks shared with this group
    },
    {
      "groupId": "grp_abc456",
      "name": "All Employees",
      "description": "Default group for organization-wide tasks",
      "role": "member",
      "joinedAt": "2024-01-01T00:00:00Z",
      "taskCount": 20
    }
  ]
}

Group-Specific Policies

Apply different safety policies to different groups:

// Example: Finance team has stricter SSN blocking
POST /api/admin/policies
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

{
  "name": "Block All SSNs (Finance Only)",
  "pattern": "\\b\\d{3}-\\d{2}-\\d{4}\\b",
  "isRegex": true,
  "action": "block",
  "enabled": true,
  "groupId": "grp_finance123"  // Only applies to Finance group
}

// HR team has more permissive policy (redact instead of block)
POST /api/admin/policies
{
  "name": "Redact SSNs (HR Team)",
  "pattern": "\\b\\d{3}-\\d{2}-\\d{4}\\b",
  "isRegex": true,
  "action": "redact",
  "enabled": true,
  "groupId": "grp_hr456"  // Only applies to HR group
}

⚠️ Policy Precedence: Group-specific policies are evaluated after global policies. If a global "block" policy triggers, group policies won't override it.

Example Use Cases

HR Department

Group: "HR Team" with 8 members

Custom tasks: Exit Interview Summary, Performance Review Helper, Onboarding Guide
Policies: Redact SSNs (not block), allow employee names
Access: Can see all default tasks + HR-specific custom tasks

Finance Team

Group: "Finance & Accounting" with 12 members

Custom tasks: Budget Variance Analysis, Invoice Reconciliation, Tax Form Extractor
Policies: Block credit cards, block SSNs, warn on large numbers
Access: Can see finance tasks + organization-wide tasks

All Employees (Default)

Group: "All Employees" with 150 members

Tasks: All 20 default tasks (meeting notes, memo drafter, email responder, etc.)
Policies: Standard PHI detection, block SSNs, warn on profanity
Access: Read-only, cannot create custom tasks

Best Practices

Create an "All Employees" default group

Share organization-wide tasks with everyone automatically

Use descriptive group names

"HR Team" is better than "Group 1" for clarity

Assign group admins for delegation

Let department leads manage their own group memberships

Review group memberships quarterly

Remove users who change roles or leave the organization

Next Steps

Groups API Reference →

Complete API documentation for group management

Policy Management →

Learn how to apply group-specific policies