In this section we will covers various concepts related to CQ Authorization and groups and users available OOTB.

Users:

Each user account in CQ is unique and holds basic information to authenticate against repository.

Groups:

Groups are collection of users. Groups are used to simplify permission management for set of users.

Default users and Group in CQ (Source):

Permission:

Permission defines who is allowed to perform which action on resource. Permissions are stored at resource level in CQ. Permission can be either allow of deny.

Actions:

Actions are action users can perform on resource. OOTB following actions are available (Source)

In later section we will cover how to create users and group and how to manage there permission using CQ console.