Can I use G Suite Groups to control access to accounts?

Yes, designate a Directory Admin for your domain. That person can authorize read-only access to the G Suite Groups and Group members of your domain.

Then you can designate a Group as the account owner. For example, the cameras for Camio's own San Mateo office are associated with the group, and all members of that Group are considered Guests with Can View permission:


Group members with the roles of Manager or Owner (instead of just Member) have Can Manage permission.

Authorize read-only access to Groups

To enable Camio to read your domain's Groups:

  1. Contact us to assign your Domain Admin, then open the page:
  2. Assign the Directory Admin, who is the person with permission to grant read-only access to your domain's Groups and Group membership.
  3. Ask the newly assigned Directory Admin to press the Authorize button after signing in to that same /domains page. The Authorize button opens this link to grant read-only access to Groups:
  4. Verify that you can now see your G Suite Group memberships as JSON output at:

  5. Register each Box to its Group account owner.


When the account is a Group from your Directory, the /guests page excludes the ability to add/remove Guests. And the permissions Can View and Can Manage are instead controlled by whether the user's Group membership role is MEMBER or MANAGER/OWNER respectively.


NOTE: the read-only permission granted by your Directory Admin is used to lookup the Group memberships to know whether a person has access to view recorded video. So if the Directory Admin user ever changes, it's important that the new Directory Admin re-authorize the read-only access to Groups in step 3 above.


Have more questions? Submit a request