Vault secret access to specific group members

You can assign access via Azure AD group membership.

Based on the information you have provided, I’m assuming you’re currently using an internal Identity Group and you probably want to be using an external Identity Group for user membership management.

I’m assuming you don’t want to manage membership within Vault itself, but rather offload that to your existing Azure AD group membership management processes.

If that’s the case then please reference the following links:

and

If you need further flexibility then combining the two group types could be beneficial (add the external group as a member of an internal group, where the internal group has a policy attached). I’m beginning to experiment with this myself and am finding ways to delegate management of Vault in a more controlled fashion.

If you’re looking to understand how to add more than one member at a time to an internal group, then you need to provide a complete list of members to the group. Adding one at a time will overwrite the existing membership, if I’m remembering correctly.
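The setup this answer describes, sketched with the Vault CLI as an added example (not part of the original post). It assumes users log in through an auth mount whose accessor you pass in and whose group claim carries Azure AD group object IDs; the function names, group names, policy name and IDs are placeholders.

```bash
#!/bin/sh
# Added example: every name and ID below is a placeholder, not from the post.

# Create an external group and alias it to an Azure AD group.
#   $1 = Vault group name
#   $2 = Azure AD group object ID (used as the alias name; assumption)
#   $3 = accessor of the auth mount users log in through (`vault auth list`)
#   $4 = optional policy to attach directly to the external group
# Prints the Vault group ID. Membership is then driven by Azure AD at login.
create_external_group() {
  vault write identity/group name="$1" type="external" \
        ${4:+"policies=$4"} >/dev/null || return 1
  _gid="$(vault read -field=id "identity/group/name/$1")" || return 1
  vault write identity/group-alias name="$2" mount_accessor="$3" \
        canonical_id="$_gid" >/dev/null || return 1
  printf '%s\n' "$_gid"
}

# Create or update an internal group that carries the policy.
#   $1 = group name, $2 = policy
#   $3 = comma-separated member GROUP IDs (e.g. the external group above)
#   $4 = comma-separated member ENTITY IDs
# As the answer notes, a write replaces the stored membership, so always
# pass the complete lists rather than one member at a time.
set_internal_group() {
  vault write identity/group name="$1" type="internal" policies="$2" \
        member_group_ids="$3" member_entity_ids="$4"
}

# Usage (placeholders in angle brackets):
#   ext="$(create_external_group aad-secret-readers \
#            <azure-ad-group-object-id> <auth-mount-accessor>)"
#   set_internal_group secret-readers <policy-name> "$ext" \
#            "<entity-id-1>,<entity-id-2>"
```
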