# Permission management

In *SecureAccess® CLOUD* it is possible to grant or deny access to the users for every specific web application. In the subdomain section the administrator can click on the ![](https://3407554211-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Lc6SmWC2XaTk3mzBSlS%2F-Lc76ZAGg83M7B1vvwnS%2F-Lc7CA-t7V03dy73TpvF%2Fzzzzzzzzzzzzzzzzzzzz.png?alt=media\&token=6e85874c-8bef-463b-b6f8-ffa899de4697)  button and a new screen will be shown in order to manage the permission rights for registered users and groups for that specific subdomain. 

![Image 1: Subdomain permissions management page](https://3407554211-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-Lc6SmWC2XaTk3mzBSlS%2F-Lc76ZAGg83M7B1vvwnS%2F-Lc7CG7b11pOrjnQRlIM%2Fimage.png?alt=media\&token=d23501ff-7feb-4718-ba9c-e2d087a446bb)

By default, all users and groups are allowed to access the web application. From the screen above you can add or remove permissions for each user and groups.  

Permissions set at user level are always overriding permissions set at groups level.