Authorization groups determine whether a user has permission to create, change, or display specific objects. This information is stored in the user's master data.