In the vCenter Single Sign-On, groups listed on the Groups tab are internal to vCenter Single Sign-On. A group lets you create a container for a collection of group members (principals).

When you add a vCenter Single Sign-On group from the vSphere Web Client administration interface, the group is added to the vsphere.local domain.


  1. Log in to the vSphere Web Client as administrator@vsphere.local or as another user with vCenter Single Sign-On administrator privileges.
    Users with vCenter Single Sign-On administrator privileges are in the Administrators group in the vsphere.local domain.
  2. Click Home, and browse to Administration > Single Sign-On > Users and Groups.
  3. Select the Groups tab and click the New Group icon.
  4. Enter a name and description for the group.
    You cannot change the group name after you create the group.
  5. Click OK.

What to do next

  • Add members to the group.