Configure a user group policy

A user group policy consists of rules, conditions, and permissions. Every Sitecore Content Hub user group has at least one user policy. It is the user policy that determines who has access to an entity and which actions they can perform. When you define multiple rules, an OR clause is used. When you use multiple conditions, an AND clause is used.


You must be a superuser to configure security policies for user groups. All the policies assigned to a user group apply to all the members of the group, including each newly added member.

To configure a user group policy:

  1. Configure rules on entities
  2. Configure rules on portal pages
  3. Configure privileges
  4. Configure member security

If you modify an existing user group policy, remember to clear the cache to apply your changes.

Configure rules on entities

To set up a rule on an entity for a user group:

  1. On the menu bar, click Manage .

  2. On the Manage page, click Users.

  3. On the Users page, click the User groups tab.

  4. Next to the user group for which you are creating rules, click Policies .

  5. On the User group policies page, click New rule.

  6. In the New rule dialog box, select the entity definitions you want to use in the rule, and click OK:

    In the following example, the M.Asset entity definition is selected.

  7. Add conditions.


    You can also add the rule to all entity definitions by selecting the Any definition option.

Add conditions

To add a condition:

  1. Next to the desired rule, click Add condition.

  2. From the Choose definition list, select an option. In the example, Status (M.Final.LifeCycle.Status) is selected.

  3. In the condition, click Select and, in the Select items dialog box, select a final lifecycle status value. In the example, Approved is selected.

  4. To confirm your choices, click Select and then click Save.

  5. If you want users to see only the assets they created, click Only entities created by current user, and click Save:

Define permissions

To define the permissions for a rule:

  1. On the User group policies page, in the rule you defined, select the applicable boxes.

  2. Click Save.

Configure rules on portal pages

After configuring rules on the required entity definitions, you need to set up a separate rule on the Portal.Pages definition, and add the necessary portal pages within conditions so users can see the defined entities.


For search results to account for reference content, make sure the user group policy includes Read permission for Portal.Page: Content detail.

To set up a rule on portal pages:

  1. On the User group policies page, click New rule.

  2. Select the entity definition Portal page (Portal.Page), and click OK.

  3. In the rule, click Add condition.

  4. From the Choose definition list, select Portal page (Portal.Page).

  5. In the condition, click Select.

  6. Select the applicable portal pages, and then click Select. In the following example, Assets and Asset details pages are selected.

  7. In the rule, select the Read permission, and click Save.

Configure privileges

To add privileges to a user group:

  1. On the User group policies page, click the Privileges tab.

  2. Select the applicable privileges. In the following example, ClearCaches and ExportExcel are selected.

  3. Click Save.

Configure member security

  1. On the User group policies page, click the Member security tab.

  2. Follow the steps in Configure member security.

Can we improve this article ? Provide feedback