--- title: Create a Coveo group for developers and system integrators slug: '2244' canonical_url: https://docs.coveo.com/en/2244/ collection: coveo-for-sitecore-v5 source_format: adoc --- # Create a Coveo group for developers and system integrators Coveo for Sitecore licenses are managed in the [Coveo Platform](https://docs.coveo.com/en/186/). This makes it easy to share your license with a developer in charge of doing the search implementation. However, providing Administrator access to a Coveo organization in a production environment isn't recommended for all use cases. An Administrator can edit, add, or remove members and groups, which could be a security breach. Instead, you should grant the minimum privileges your members need to accomplish their tasks. Before providing access to your organization to a member, you should: . Review the privilege management process in the [Coveo Platform](https://docs.coveo.com/en/186/) (see [Manage privileges](https://docs.coveo.com/en/3151/)). . Determine the minimum privileges your member will require (see [Determine the privileges to grant](https://docs.coveo.com/en/2822#determine-the-privileges-to-grant)). . Create a group with these minimum privileges (see [Create a new group](https://docs.coveo.com/en/1980#add-or-edit-a-group)). . Create and add the member to the group (see [Add members to a group](https://docs.coveo.com/en/2483/)). This article focuses on the steps required to create a group and define its [privileges](https://docs.coveo.com/en/228/). **Example** You want to grant access to a third party vendor in charge of your Coveo for Sitecore deployment. The recommended access conditions for this vendor are: * Must have full access to the indexed content, the query pipelines, and the analytics reports. * Must not be able to see or edit your groups. To create and configure a group with the required privileges . Access the [**Groups**](https://platform.cloud.coveo.com/admin/#/orgid/organization/groups/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/organization/groups/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/organization/groups/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/organization/groups/)) page in your Coveo organization. If you have access to many organizations, ensure that you select the one you want to grant your member access to. . Add a group and set its privileges (see [Create a New Group](https://docs.coveo.com/en/1980#add-or-edit-a-group) and [Grant Privileges](https://docs.coveo.com/en/2822#grant-privileges)). .. On the **Add a Group** subpage, on the **Configuration** tab, name your group `Sitecore Integrator`. .. Select the **Privileges** tab. .. In the panel Action bar, use the **Template** dropdown menu to provide the group with `Full access`. This setting applies to all privilege domains, in all services (see [About the Template Menu](https://docs.coveo.com/en/2807#about-the-template-menu)). ![Using the Preset dropdown menu to give full access to a group | Coveo](https://docs.coveo.com/en/assets/images/c4sc-v5/sitecore-integrator-group-analytics-full-access.png) .. Select the **Organization** service. .. Ensure that the group has `no access` on the **Groups** privilege domain. ![Denying access to the Groups privilege domain | Coveo](https://docs.coveo.com/en/assets/images/c4sc-v5/sitecore-integrator-group-organization-custom-access.png) .. Click **Add Group**. You're now ready to create a member, assign that member to the `Sitecore Integrator` group and send the member an email invitation (see [Add members to the group](https://docs.coveo.com/en/2483/)).