You can have customized groups with different access rights on your program. HackerOne program administrators can set these access rights for groups on your team. All security programs start with Admin and Standard default groups with set permissions that you can't edit, but you can still add or remove users to these groups.
Adding a New Group
To add a new group and set access rights:
Go to your program's Settings > General > Group Management.
Click Add Group.
Write the name of the group in the Name field.
Select the permissions you want to enable for the group. You can select from these options:
Option
Details
Report
Users in the group can:
Post comments
Change report states
Edit report titles and vulnerability types
Suggest bounties
Add/Remove external participants from reports
Edit common responses
Edit triggers
Request public disclosure
Agree to public disclosure request
Create CVE ID Requests
Transfer reports
Program
Users in the group can:
Edit profile, program and bounty settings
Invite hackers
View billing information
Edit inbox views
Reward
Users in the group can:
Grant rewards
Post comments
Suggest bounties
Admin
Users in the group can:
Add/Remove users
Edit user permissions
Note: All groups have the ability to view reports and post internal comments by default.
Click Create.
To edit your group name and permissions, click Edit next to the group you want to edit in Settings > General > Group Management.
Adding or Removing Users
To add or remove users:
Click Add/Remove users.
Select the checkbox of the users you want to add to the group.
Deselect the checkboxes of the users you want to remove from the group.
