What's the difference between groups and roles?

Question

A lot of identity management implementations use roles in addition to groups. How are they different? So far I haven\'t found a compelling use case for separating the two. A

Answer 1

Roles are sets of rights

Groups are sets of people

Imagine you have 2 groups of people (G1, G2) using an application (A1) for which you have two types of users: administrators and read only users.

You can create a role of admin on A1, define its rights and give G1 this role If G2 also needs these rights, you don't have to grant them one by one, you can simply give G2 the same role you created for G1