It's definitely possible and depends on what kind of authorization providers you are using (old good membership provider, aspnet identiy, etc). just look for code samples in respective docs.
I have an old blog post with code examples of how to create and assign roles (user groups) in Episerver's API (note: using Membership Provider):
https://www.epinova.no/en/blog/handling-episerver-users-and-roles-reference-list/#create_roles
It is possible to create user groups in code on the fly? I have an api end point which returns me a list of permissions. I want to add these permissions to user groups, if they don't already exists, is that possible?