Grouper operates on a hierarchical tree or folder based design, where groups can be nested within other groups. Management of individual groups or entire folders can be delegated, and group memberships can be automatically calculated based on various criteria. Database level point-in-time audit capability is provided.

Groups can be sourced from authoritative sources ("loader" groups), calculated based on rules applied to other groups ("composite" groups), or managed manually ("ad hoc" groups). Group members are based on "subject sources", typically provided by an external person registry. Support for email invitation of external participants is also available. The resultant groups can be published to LDAP or queried via VOOT or web services APIs.

Provisioning and integration via LDAP, SCIM, SQL, VOOT.

As of v2.2, Grouper ships with a completely new web-based user interface. (The legacy "admin" and "lite" interfaces remain available.) Grouper Web Services offer access to group management capabilities via SOAP and REST-like interfaces.

Grouper offers VOs the ability to represent complex group relationships (hierarchical, set oriented, etc.), and the delegated administration of those memberships.

Grouper requires Java and an RDBMS (PostgreSQL, MySQL, Oracle, etc.). In addition, the UI and WS require ant, a servlet container (e.g. Tomcat), and a web server (e.g. Apache).

High Availability is achieved by making the relevant components highly available.

On-going maintenance will be funded by the Internet2 TIER initiative for the next several years.