Before you start authorizing group access to applications, you will need to set up your identity bridge, and add the relevant applications for your single sign-on (SSO) users.
You can use PingOne groups to authorize user access to applications based on a user's group membership. To do this, you will assign applications to groups. This authorizes the group members to access the applications and displays the applications on each member's PingOne dock. Only members of the group will then have access to the application.
By default, all users in your PingOne groups are given access to the applications you have added. Applications that you do not assign to a group are available to all users (they can SSO to the application URL), but the applications will not be displayed in their PingOne dock.