Requires turning on Groups for Business
As a Groups administrator, you can set organization-wide options that control who can access, create, and participate in groups at your users’ Google Groups app. For example, you might decide that only admins can create groups, but users can view messages and post. Or you might let users or even external customers create and manage groups.
No matter what option you select here, group addresses still appear as suggestions when typing addresses in Gmail or Calendar invitations.
What admins can control
These options set organization-wide defaults and available options for group owners, at groups.google.com. Based on options you choose here, owners can also set group-level settings.
Admins are group owners: No matter what settings you choose here, as a Groups admin you have owner privileges for all groups in your organization, even ones you didn’t create. You can do anything with a group that a group owner can do.
Links go to details below on which setting to use.
|Accessing groups from outside the organization
Groups can be accessed by:
Groups can be created by:
|Anyone in the organization can create groups|
|Unchecked (not allowed)|
|Incoming emails from outside the organization||
|Unchecked (not allowed)|
|Default for permission to view conversations
(default permission that group owners can change for a group)
By default, group conversations can be viewed by:
|All organization users|
|Both options unchecked (owners can’t hide groups)|
* Public settings are available only if you allow public access to groups, in the first setting listed above.
Step 1: Open sharing options
First, access sharing options.
Using the Admin console
In the Admin console, go to Menu AppsGoogle WorkspaceGroups for Business.
- Click Sharing settings.
- Continue below to apply settings.
Step 2: Apply your settings
Next, select your preferences. Also see below for help with common scenarios.Accessing groups from outside this organization
Your options for controlling external access to your groups are:
- Public on the Internet—Anyone inside or outside your organization can view the list of groups in your Google Groups directory. Depending on a group’s settings, people can:
- View the group's information page, including its conversation history (archive).
- Manage their subscriptions to the group.
- Post messages to the group.
- Private—Only people in your organization can access your organization's groups in Google Groups. External members, if allowed, can access groups by email only.
|Only organization admins can create groups||Any administrator in your organization can create groups.|
|Anyone in the organization can create groups||Users in your organization can create groups.|
|Anyone on the internet can create groups||Users in your organization and anyone on the web can create groups. This setting is available if the organization-wide group access option is set to public.|
Your options for allowing external users to interact with your groups are:
- Group owners can allow external members—Group owners can add members outside of your organization to their groups and can allow them to join their groups.
- Group owners can allow incoming email from outside the organization—Group owners can allow people outside your organization to send email to their groups.
Selecting these options doesn’t set them as a default or mean owners must give these permissions. Leaving the options unchecked means that group owners cannot allow external group members or emails.
Selecting these options:
- Affects what configurations are available to group owners at groups.google.com
- Doesn’t change the default group-level settings or mean that owners must give these permissions
Leaving both options unchecked:
- Means that group owners can’t allow external group members or emails
- Doesn’t prevent admins from allowing external members or messages for specific groups in the Admin console or with the Groups Settings API
Changing these settings does not affect any existing external group member or message.
You can set the default for who can view conversations in your organization’s groups. Other default settings are derived from this setting, like Who can post and Who can view members. Group owners and managers can change the default setting for any individual group.
|Option||Who can view conversations|
|Owners only||Only people with the owner role|
|Owners and managers||Only people with the owner or manager role|
|All group members||Anyone with the member role
(If you set the organization-wide group access setting to private, external group members, if allowed, can only view conversations by email.)
|All organization users||Anyone in your organization, regardless of whether they’re group members|
|Anyone on the internet||Anyone, including people outside your organization
Setting the organization-wide group access setting to private:
Your organization's groups are available in users' Google Groups directory—available from users' App launcher and at groups.google.com. You can decide if group owners can hide a group from your organization’s Groups directory. If you let owners hide their groups, you can also choose whether new groups are hidden by default. For details, see Who can see group in the general Group settings.
No one, including admins, group owners, members, and non-members, can see a hidden group in All Groups. However:
- Group owners and members can always see their groups in My groups.
- Groups admins can see all of their organization’s groups in Groups in the Admin console.
|Group owners can hide groups from the directory|
|Hide newly created groups from the directory|
Only available if you check the setting above
Settings for common scenarios
Here's how to combine settings for the following scenarios.Keep your organization’s groups completely private
For maximum privacy for your groups, use these settings:
|Accessing groups from outside this organization||Private|
|Group owners can allow external members||Unchecked|
|Group owners can allow incoming email from outside the organization||Unchecked|
|Group owners can hide groups from the directory||✔|
|Hide newly created groups from the directory||✔|
Use this table to see what happens if you set the organization-wide group access setting to private and choose either or both external user options:
|Group owners can allow external members||Group owners can allow incoming email from outside the organization||Result|
|✔||✔||Both organization and external users can become group members and post messages to the group. External members can post by email only.|
|✔||Both organization and external users can become group members, but only organization members can post messages to the group.
Example: A feature testing group where you want external members to receive messages from the group but only provide feedback through specific channels, not through the group
|✔||Only organization users can become group members, but both organization and external users can post messages to the group. External users can post by email only and can’t view messages from the group.
Example: A customer support team group where you want external users to be able to submit messages but not see the group content
Allow people outside your organization to access your groups.
Note: A group’s members list isn’t displayed in calendar invitations that external users create, unless you change the group’s access level settings.
|Accessing groups from outside this organization||Public on the internet|
|Group owners can allow external members||✔|
|Group owners can allow incoming email from outside the organization||✔|
Change your settings
Changing sharing settings has different effects, depending on the setting.
If you change the Accessing groups from outside this organization setting, the change affects new and existing groups. If you change the access from public to private and any existing groups have external members, those members can:
- No longer access their groups in Google Groups, regardless of the group settings
- Still send email to and receive email from their groups, depending on the group settings
If you change the Creating groups option from anyone in the organization or anyone on the web to only allow admins to create groups:
- Existing user-created groups remain active.
- Messages can still be sent to user-created groups.
If you change any other setting, the change affects only groups created in the future, not existing groups.