The user group created under User & Authentication tab, has to be called under "VPN -> SSL-VPN settings" and associate the respective VPN portal for each user group as show in attached screenshot.
In the SSL-VPN portal you can define the server which user should have access to once the VPN is connected along with other client side settings. This is configured using Predefined bookmark or even you can simply access them using Quick launch. Your Firewall policy with the User-group will decide whether user should be allowed to access the resource or not.
The section you have highlighted in yellow in your question above, is to call a remote user group and map them to a Local Firewall user group and then you can use them under VPN/Firewall policies.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.