diff --git a/README.md b/README.md
index 6259517..ec38d0c 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,7 @@ Concourse resource for secrets stored in IBM Cloud Secrets Manager instances.
 - **endpointURL**: _Required_ Endpoint URL of the Secrets Manager instance to connect to, see [secrets manager docs](https://cloud.ibm.com/apidocs/secrets-manager/secrets-manager-v2?code=go#endpoints) for more details.
 - **apikey**: _Required_ API key that allows access to read from the respective secrets manager instance.
 - **secretName**: _Required_ Name of the secret in the secrets manager instance. This is the name, not the ID of the secret. The secret will be searched for by name through the API.
+- **secretGroupID**: _Optional_ ID of the secret group to narrow down the search for the secret.
 ### Example
diff --git a/internal/smr/models.go b/internal/smr/models.go
index 0d51f0c..ac9ee57 100644
--- a/internal/smr/models.go
+++ b/internal/smr/models.go
@@ -41,9 +41,10 @@ type InConfig struct {
 }
 type Source struct {
- EndpointURL string `json:"endpointURL"`
- ApiKey string `json:"apikey"`
- SecretName string `json:"secretName"`
+ EndpointURL string `json:"endpointURL"`
+ ApiKey string `json:"apikey"`
+ SecretName string `json:"secretName"`
+ SecretGroupID string `json:"secretGroupID"`
 }
 type CheckResult []Version
diff --git a/internal/smr/resource.go b/internal/smr/resource.go
index 42561be..7776db5 100644
--- a/internal/smr/resource.go
+++ b/internal/smr/resource.go
@@ -60,7 +60,7 @@ func Check(r io.Reader) error {
 return err
 }
- metadata, err := GetSecretMetaDataBySecretName(*secretsManagerService, config.Source.SecretName)
+ metadata, err := GetSecretMetaDataBySecretName(*secretsManagerService, config.Source)
 if err != nil {
 return err
 }
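Review bot: In internal/smr/resource.go, Check now hands the whole `config.Source` to GetSecretMetaDataBySecretName, and the following hunk does the same in In; that struct also carries `ApiKey` and `EndpointURL`, while the lookup lines visible in secrets.go read only `SecretName` and `SecretGroupID`. Passing the credential into a helper that does not need it widens where the API key lives, and a later log or error line that formats `source` would print it. Consider keeping a narrow signature, e.g. `GetSecretMetaDataBySecretName(*secretsManagerService, config.Source.SecretName, config.Source.SecretGroupID)`. Both function bodies continue outside the hunks.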
@@ -92,7 +92,7 @@ func In(r io.Reader, target string) error {
 return err
 }
- metadata, err := GetSecretMetaDataBySecretName(*secretsManagerService, config.Source.SecretName)
+ metadata, err := GetSecretMetaDataBySecretName(*secretsManagerService, config.Source)
 if err != nil {
 return err
 }
diff --git a/internal/smr/secrets.go b/internal/smr/secrets.go
index 173b7f5..31bbac9 100644
--- a/internal/smr/secrets.go
+++ b/internal/smr/secrets.go
@@ -56,9 +56,11 @@ func (s *SecretMetadata) Id() (string, error) {
 return *s.ID, nil
 }
-func GetSecretMetaDataBySecretName(service sm.SecretsManagerV2, name string) (*SecretMetadata, error) {
- listSecretsOptions := &sm.ListSecretsOptions{
- Search: &name,
+func GetSecretMetaDataBySecretName(service sm.SecretsManagerV2, source Source) (*SecretMetadata, error) {
+ listSecretsOptions := &sm.ListSecretsOptions{Search: &source.SecretName}
+
+ if source.SecretGroupID != "" {
+ listSecretsOptions.Groups = append(listSecretsOptions.Groups, source.SecretGroupID)
 }
 pager, err := service.NewSecretsPager(listSecretsOptions)
@@ -77,11 +79,11 @@ func GetSecretMetaDataBySecretName(service sm.SecretsManagerV2, name string) (*S
 }
 if len(results) == 0 {
- return nil, fmt.Errorf("cannot find secret with name %q", name)
+ return nil, fmt.Errorf("cannot find secret with name %q", source.SecretName)
 }
 if len(results) != 1 {
- return nil, fmt.Errorf("more than one secret was found searching for %q", name)
+ return nil, fmt.Errorf("more than one secret was found searching for %q", source.SecretName)
 }
 data, err := json.Marshal(results[0])
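Review bot: In GetSecretMetaDataBySecretName (internal/smr/secrets.go, first hunk), the lookup still relies on `Search`, which as far as the Secrets Manager API documentation describes it is a text match over several fields rather than an exact-name filter, and the checks visible here only count results. With `Groups` narrowing the result set, a single partial match becomes more likely to pass the `len(results) != 1` check and be returned as if it were the requested secret. The pager loop between the two hunks is not visible, so this may already be handled. If it is not, compare the returned secret's name with `source.SecretName` and return an error on a mismatch, and say so above the options with `// Search is not an exact-name filter; the result's name is verified below.`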
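Review bot: The two error messages in the second secrets.go hunk still name only the secret, so the build log does not show whether the search was scoped to a secret group. Once a group ID is configured, a miss can also mean the group ID is wrong or not readable with the given API key, and the message should let the operator tell these cases apart. Include the group in both messages, for example `fmt.Errorf("cannot find secret with name %q in secret group %q", source.SecretName, source.SecretGroupID)`, keeping the current wording when `SecretGroupID` is empty. The function body continues past the last line of the hunk.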