diff --git a/src/Api/Public/Controllers/GroupsController.cs b/src/Api/Public/Controllers/GroupsController.cs
index c049b7a37b..8333bc7368 100644
--- a/src/Api/Public/Controllers/GroupsController.cs
+++ b/src/Api/Public/Controllers/GroupsController.cs
@@ -1,5 +1,11 @@
 using System;
+using System.Linq;
+using System.Net;
+using System.Threading.Tasks;
+using Bit.Core;
 using Bit.Core.Models.Api.Public;
+using Bit.Core.Repositories;
+using Bit.Core.Services;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 
@@ -9,23 +15,121 @@ namespace Bit.Api.Public.Controllers
     [Authorize("Organization")]
     public class GroupsController : Controller
     {
-        /// <summary>
-        /// Retrieves a specific product by unique id
-        /// </summary>
-        /// <remarks>Awesomeness!</remarks>
-        /// <response code="200">Group created</response>
-        /// <response code="400">Group has missing/invalid values</response>
-        /// <response code="500">Oops! Can't create your product right now</response>
-        [HttpGet("{id}")]
-        [ProducesResponseType(typeof(GroupResponseModel), 200)]
-        public IActionResult Get(Guid id)
+        private readonly IGroupRepository _groupRepository;
+        private readonly IGroupService _groupService;
+        private readonly CurrentContext _currentContext;
+
+        public GroupsController(
+            IGroupRepository groupRepository,
+            IGroupService groupService,
+            CurrentContext currentContext)
         {
-            return new JsonResult(new GroupResponseModel(new Core.Models.Table.Group
+            _groupRepository = groupRepository;
+            _groupService = groupService;
+            _currentContext = currentContext;
+        }
+
+        /// <summary>
+        /// Retrieve a group.
+        /// </summary>
+        /// <remarks>
+        /// Retrieves the details of an existing group. You need only supply the unique group identifier
+        /// that was returned upon group creation.
+        /// </remarks>
+        /// <param name="id">The identifier of the group to be retrieved.</param>
+        [HttpGet("{id}")]
+        [ProducesResponseType(typeof(GroupResponseModel), (int)HttpStatusCode.OK)]
+        [ProducesResponseType((int)HttpStatusCode.NotFound)]
+        public async Task<IActionResult> Get(Guid id)
+        {
+            var group = await _groupRepository.GetByIdAsync(id);
+            if(group == null || group.OrganizationId != _currentContext.OrganizationId)
             {
-                Id = id,
-                Name = "test",
-                OrganizationId = Guid.NewGuid()
-            }));
+                return new NotFoundResult();
+            }
+            var response = new GroupResponseModel(group);
+            return new JsonResult(response);
+        }
+
+        /// <summary>
+        /// List all groups.
+        /// </summary>
+        /// <remarks>
+        /// Returns a list of your organization's groups.
+        /// </remarks>
+        [HttpGet]
+        [ProducesResponseType(typeof(ListResponseModel<GroupResponseModel>), (int)HttpStatusCode.OK)]
+        public async Task<IActionResult> List()
+        {
+            var groups = await _groupRepository.GetManyByOrganizationIdAsync(_currentContext.OrganizationId.Value);
+            var groupResponses = groups.Select(g => new GroupResponseModel(g));
+            var response = new ListResponseModel<GroupResponseModel>(groupResponses);
+            return new JsonResult(response);
+        }
+
+        /// <summary>
+        /// Create a group.
+        /// </summary>
+        /// <remarks>
+        /// Creates a new group object.
+        /// </remarks>
+        [HttpPost]
+        [ProducesResponseType(typeof(GroupResponseModel), (int)HttpStatusCode.OK)]
+        [ProducesResponseType(typeof(ErrorResponseModel), (int)HttpStatusCode.BadRequest)]
+        public async Task<IActionResult> Post([FromBody]GroupCreateUpdateRequestModel model)
+        {
+            var group = model.ToGroup(_currentContext.OrganizationId.Value);
+            var associations = model.Collections?.Select(c => c.ToSelectionReadOnly());
+            await _groupService.SaveAsync(group, associations);
+            var response = new GroupResponseModel(group);
+            return new JsonResult(response);
+        }
+
+        /// <summary>
+        /// Update a group.
+        /// </summary>
+        /// <remarks>
+        /// Updates the specified group object. If a property is not provided,
+        /// the value of the existing property will be reset.
+        /// </remarks>
+        /// <param name="id">The identifier of the group to be updated.</param>
+        [HttpPut("{id}")]
+        [ProducesResponseType(typeof(GroupResponseModel), (int)HttpStatusCode.OK)]
+        [ProducesResponseType(typeof(ErrorResponseModel), (int)HttpStatusCode.BadRequest)]
+        [ProducesResponseType((int)HttpStatusCode.NotFound)]
+        public async Task<IActionResult> Put(Guid id, [FromBody]GroupCreateUpdateRequestModel model)
+        {
+            var existingGroup = await _groupRepository.GetByIdAsync(id);
+            if(existingGroup == null || existingGroup.OrganizationId != _currentContext.OrganizationId)
+            {
+                return new NotFoundResult();
+            }
+            var updatedGroup = model.ToGroup(existingGroup);
+            var associations = model.Collections?.Select(c => c.ToSelectionReadOnly());
+            await _groupService.SaveAsync(updatedGroup, associations);
+            var response = new GroupResponseModel(updatedGroup);
+            return new JsonResult(response);
+        }
+
+        /// <summary>
+        /// Delete a group.
+        /// </summary>
+        /// <remarks>
+        /// Permanently deletes a group. This cannot be undone.
+        /// </remarks>
+        /// <param name="id">The identifier of the group to be deleted.</param>
+        [HttpDelete("{id}")]
+        [ProducesResponseType((int)HttpStatusCode.OK)]
+        [ProducesResponseType((int)HttpStatusCode.NotFound)]
+        public async Task<IActionResult> Delete(Guid id)
+        {
+            var group = await _groupRepository.GetByIdAsync(id);
+            if(group == null || group.OrganizationId != _currentContext.OrganizationId)
+            {
+                return new NotFoundResult();
+            }
+            await _groupRepository.DeleteAsync(group);
+            return new OkResult();
         }
     }
 }
diff --git a/src/Core/Models/Api/Public/GroupBaseModel.cs b/src/Core/Models/Api/Public/GroupBaseModel.cs
new file mode 100644
index 0000000000..8500341a74
--- /dev/null
+++ b/src/Core/Models/Api/Public/GroupBaseModel.cs
@@ -0,0 +1,27 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace Bit.Core.Models.Api.Public
+{
+    public abstract class GroupBaseModel
+    {
+        /// <summary>
+        /// The name of the group.
+        /// </summary>
+        /// <example>Development Team</example>
+        [Required]
+        [StringLength(100)]
+        public string Name { get; set; }
+        /// <summary>
+        /// Determines if this group can access all collections within the organization, or only the associated
+        /// collections. If set to <c>true</c>, this option overrides any collection assignments.
+        /// </summary>
+        [Required]
+        public bool? AccessAll { get; set; }
+        /// <summary>
+        /// External identifier linking this group to another system, such as a user directory.
+        /// </summary>
+        /// <example>external_id_123456</example>
+        [StringLength(300)]
+        public string ExternalId { get; set; }
+    }
+}
diff --git a/src/Core/Models/Api/Public/Request/AssociationWithPermissionsRequestModel.cs b/src/Core/Models/Api/Public/Request/AssociationWithPermissionsRequestModel.cs
new file mode 100644
index 0000000000..c8b53d53cf
--- /dev/null
+++ b/src/Core/Models/Api/Public/Request/AssociationWithPermissionsRequestModel.cs
@@ -0,0 +1,31 @@
+using System;
+using System.ComponentModel.DataAnnotations;
+using Newtonsoft.Json;
+using Bit.Core.Models.Data;
+
+namespace Bit.Core.Models.Api.Public
+{
+    public class AssociationWithPermissionsRequestModel
+    {
+        /// <summary>
+        /// The associated object's unique identifier.
+        /// </summary>
+        /// <example>bfbc8338-e329-4dc0-b0c9-317c2ebf1a09</example>
+        [Required]
+        public Guid? Id { get; set; }
+        /// <summary>
+        /// When true, the read only permission will not allow the user or group to make changes to items.
+        /// </summary>
+        [Required]
+        public bool? ReadOnly { get; set; }
+
+        public SelectionReadOnly ToSelectionReadOnly()
+        {
+            return new SelectionReadOnly
+            {
+                Id = Id.Value,
+                ReadOnly = ReadOnly.Value
+            };
+        }
+    }
+}
diff --git a/src/Core/Models/Api/Public/Request/GroupCreateUpdateRequestModel.cs b/src/Core/Models/Api/Public/Request/GroupCreateUpdateRequestModel.cs
new file mode 100644
index 0000000000..87869d070c
--- /dev/null
+++ b/src/Core/Models/Api/Public/Request/GroupCreateUpdateRequestModel.cs
@@ -0,0 +1,30 @@
+using System;
+using System.Collections.Generic;
+using Bit.Core.Models.Table;
+
+namespace Bit.Core.Models.Api.Public
+{
+    public class GroupCreateUpdateRequestModel : GroupBaseModel
+    {
+        /// <summary>
+        /// The associated collections that this group can access.
+        /// </summary>
+        public IEnumerable<AssociationWithPermissionsRequestModel> Collections { get; set; }
+
+        public Group ToGroup(Guid orgId)
+        {
+            return ToGroup(new Group
+            {
+                OrganizationId = orgId
+            });
+        }
+
+        public Group ToGroup(Group existingGroup)
+        {
+            existingGroup.Name = Name;
+            existingGroup.AccessAll = AccessAll.Value;
+            existingGroup.ExternalId = ExternalId;
+            return existingGroup;
+        }
+    }
+}
diff --git a/src/Core/Models/Api/Public/Response/GroupResponseModel.cs b/src/Core/Models/Api/Public/Response/GroupResponseModel.cs
index dd42c69202..321da1841d 100644
--- a/src/Core/Models/Api/Public/Response/GroupResponseModel.cs
+++ b/src/Core/Models/Api/Public/Response/GroupResponseModel.cs
@@ -1,12 +1,15 @@
 using System;
+using System.ComponentModel.DataAnnotations;
 using Bit.Core.Models.Table;
 
 namespace Bit.Core.Models.Api.Public
 {
-    public class GroupResponseModel : ResponseModel
+    /// <summary>
+    /// A user group.
+    /// </summary>
+    public class GroupResponseModel : GroupBaseModel, IResponseModel
     {
-        public GroupResponseModel(Group group, string obj = "group")
-            : base(obj)
+        public GroupResponseModel(Group group)
         {
             if(group == null)
             {
@@ -14,16 +17,22 @@ namespace Bit.Core.Models.Api.Public
             }
 
             Id = group.Id;
-            OrganizationId = group.OrganizationId;
             Name = group.Name;
             AccessAll = group.AccessAll;
             ExternalId = group.ExternalId;
         }
 
+        /// <summary>
+        /// String representing the object's type. Objects of the same type share the same properties.
+        /// </summary>
+        /// <example>group</example>
+        [Required]
+        public string Object => "group";
+        /// <summary>
+        /// The group's unique identifier.
+        /// </summary>
+        /// <example>539a36c5-e0d2-4cf9-979e-51ecf5cf6593</example>
+        [Required]
         public Guid Id { get; set; }
-        public Guid OrganizationId { get; set; }
-        public string Name { get; set; }
-        public bool AccessAll { get; set; }
-        public string ExternalId { get; set; }
     }
 }
diff --git a/src/Core/Models/Api/Public/Response/IResponseModel.cs b/src/Core/Models/Api/Public/Response/IResponseModel.cs
new file mode 100644
index 0000000000..55fdcbed44
--- /dev/null
+++ b/src/Core/Models/Api/Public/Response/IResponseModel.cs
@@ -0,0 +1,7 @@
+namespace Bit.Core.Models.Api.Public
+{
+    public interface IResponseModel
+    {
+        string Object { get; }
+    }
+}
diff --git a/src/Core/Models/Api/Public/Response/ListResponseModel.cs b/src/Core/Models/Api/Public/Response/ListResponseModel.cs
new file mode 100644
index 0000000000..f65481b8ef
--- /dev/null
+++ b/src/Core/Models/Api/Public/Response/ListResponseModel.cs
@@ -0,0 +1,30 @@
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+
+namespace Bit.Core.Models.Api.Public
+{
+    public class ListResponseModel<T> : IResponseModel where T : IResponseModel
+    {
+        public ListResponseModel(IEnumerable<T> data, string continuationToken = null)
+        {
+            Data = data;
+            ContinuationToken = continuationToken;
+        }
+
+        /// <summary>
+        /// String representing the object's type. Objects of the same type share the same properties.
+        /// </summary>
+        /// <example>list</example>
+        [Required]
+        public string Object => "list";
+        /// <summary>
+        /// An array containing the actual response elements, paginated by any request parameters.
+        /// </summary>
+        [Required]
+        public IEnumerable<T> Data { get; set; }
+        /// <summary>
+        /// A cursor for use in pagination.
+        /// </summary>
+        public string ContinuationToken { get; set; }
+    }
+}