User Groups in the AITiny configuration are handled STRICTLY.
If a user belongs in any of the User Groups selected, they are allowed access. If the user belongs into none of these selected User Groups, they are denied access.
If the user belongs into a sub-group (child group) of a group already selected they will be DENIED access. This is intentional. It prevents you from doing something unadvisable, like selecting the root user group Public which would give access to all users, even guests.
NEVER SELECT THE Public OR Guest USER GROUPS. Giving non-logged-in users access to AITiny is extremely inadvisable, and can result in exorbitant charges.
Using commercial AI services is expensive. Even if you only intend to use AI for very specific use cases, it is still possible for a malicious user to write content in a way that subverts the AI service integration for generic AI queries at your expense, or simply run a multitude of AI queries to cause financial harm to you. It is, therefore, strongly recommended that you only allow use of AITiny to a small number of trusted users. We also strongly recommend that you monitor the use of your AI service closely and apply reasonable spending limits to avoid mishaps. An ounce of caution is worth a pound of cure.