Organization Details

Use the Organization Details page to search for and select an organization, add a new organization, or edit organization information, such as attributes, customer partners, and security policies.

When you add an organization, you must add the organization's identifying details, attributes, and information for the customer's first user, the initial Dayforce IAM Admin. After adding an organization, you can manage the customer's partner applications and security policies.

Contents

Top
  1. Search for an organization by clicking Search on the Home page or the menu and then, on the Organizations tab, entering or selecting one or more of the following parameters:
  • All or part of the organization ID code
  • All or part of the organization name
  • All or part of theFinance ID
  • Organization status (Active, Inactive, or All)
  • PSID
  • FEIN
  • PSID/FEIN Description
  • PSID/FEN Status
    • Enabled – This option searches only for organizations that have enabled data items. If the organization has no enabled data items, no results are returned.
    • Disabled – This option searches only for organizations that have disabled data items. If the organization has no disabled data items, no results are returned.
    • All – This option searches for all organizations with enabled, disabled, or no data items. This option is selected by default.
  1. Once you have entered the search parameters, click Apply Filter to search.
  2. Select the organization from the search results.

Your user role definition determines the organizations that you can see in search results. You can access only the organizations for the role to which your user account is assigned. For example, users with the IAM Customer Admin role can access information in only that organization. Users with the IAM Dayforce Admin role can access information for multiple organizations.

Note: The search returns organizations that match the values entered in the search parameters. For example, if you are searching for Palmetto LTD, you can enter ‘pal’ in the Organization Name text box and all organizations that contain ‘pal’ in their names are returned. If only one organization meets the search criteria, the organization opens automatically.

Top

You must provide the organization type, the organization name, and the organization ID when you add a new organization. You can edit all of the organization properties except organization name and the organization ID. The:

  • Organization name is an easily-understood name used to recognize the organization. Users enter the organization name when logging in to Identity Access Management
  • Organization ID is a unique identifier for the organization in Identity Access Management.

Identity Access Management provides an Enabled check box, to enable or disable access to the organization. This is useful if you need to prevent users from logging into Identity Access Management for a period of time for some reason, such as to update organizational information. This is also useful if you are in the process of adding an organization but are not yet ready to have users access it.

Note: Disabling an organization also disables all user accounts in the organization. However, if you enable the organization again after disabling it, you will need to enable each user account again.

You must also select the authentication type when you add a new organization. The authentication type determines who verifies user information between Dayforce and partner applications. At this time, Dayforce Authenticated is the only supported authentication type.

Customers can optionally upload a logo to display in the System Details section accessible from each page. The logo must be:

  • A .jpg, .bmp, .png, or .gif file
  • Less than 20 kb
Top

Some partner applications require specific attributes at the organization level and the user level to link to their applications. The organization level attributes must be added manually, and the attribute names must be entered exactly as the information is set up in the partner applications, including capitalization and spacing. For more information, see About Attributes.

Assign organization-level and user-level attributes in the following order:

  • Add organization-level attributes to the organization when the organization is set up.
  • Add the partner application to the organization.
  • Add the partner application to a role in the organization.
  • Assign the role to a user account and enter the user-level attributes.

Caution: If you don't assign the organization-level attributes for the partner application, the icon for the partner application will appear on the Home page, but no users will be able to access the partner application.

Note: User attributes for HR/Payroll Latitude users are provisioned into IAM if the customer uses automatic provisioning. In rare cases, two users may have the same user ID, which is based on the user's employee clock number, employee flxID, or employee number. Duplicate user IDs will cause a provisioning exception that you will need to resolve.

Top

Organizations are set up with the following default security policies
Security Policy Description
Failed Password Attempts The number of unsuccessful login attempts before the user's account is locked.
Maximum Password Age The maximum number of days before you must change your password. The default value is 10 days.
Minimum Password Length

The minimum number of characters your password must contain. The default value is 7 characters.
Password History Length The number of passwords that must have been used before you can reuse a previous password. The default value is 24 passwords. For example, if your password is W2017diner!, you must change your password at least 24 times before you can reuse that password again.
Session Timeout

The number of minutes your Identity Access Management session can be inactive before your session is ended and you are logged out. The default value is 30 minutes.

The applications you use after logging in to Identity Access Management may have different session timeout values. If the application session timeout is longer than the IAM session timeout, the application session is still active after IAM times out.
Number of Secret Questions The number of secret questions users are required to set up. The default value is 5. When a user requests to reset a password by answering secret questions, Identity Access Management presents two of these questions that the user must answer successfully.
Top

The user account that is created when you add the organization is the first user in the organization, and is the first user assigned the IAM Customer Admin role responsibilities for the organization, by default. The IAM Customer Admin has the ability to create other user accounts, roles, and assign data items to users within the organization.

When you set up this user account, make sure that Send Welcome Email is selected in the User Account Reset section. IAM sends the user an email with the required information for the user to log in.

This user logs in with the account name set up on this page.

Top
  • To add and manage users, including assigning roles, click Users.
  • To add partner applications for the organization, click Customer Partner Profile.
  • To manage data profiles and data items or PSIDs, click Data Profile.
  • To manage user provisioning, click User Provisioning.
  • To review provisioning exceptions, click Provisioning Exceptions.
Top
  1. Search for an organization by clicking Search on the Home page or the menu and then, on the Organizations tab, entering or selecting one or more of the following parameters:
  • All or part of the organization ID code
  • All or part of the organization name
  • All or part of theFinance ID
  • Organization status (Active, Inactive, or All)
  • PSID
  • FEIN
  • PSID/FEIN Description
  • PSID/FEN Status
    • Enabled – This option searches only for organizations that have enabled data items. If the organization has no enabled data items, no results are returned.
    • Disabled – This option searches only for organizations that have disabled data items. If the organization has no disabled data items, no results are returned.
    • All – This option searches for all organizations with enabled, disabled, or no data items. This option is selected by default.
  1. Once you have entered the search parameters, click Apply Filter to search.
  2. Select the organization from the search results.

Your user role definition determines the organizations that you can see in search results. You can access only the organizations for the role to which your user account is assigned. For example, users with the IAM Customer Admin role can access information in only that organization. Users with the IAM Dayforce Admin role can access information for multiple organizations.

Note: The search returns organizations that match the values entered in the search parameters. For example, if you are searching for Palmetto LTD, you can enter ‘pal’ in the Organization Name text box and all organizations that contain ‘pal’ in their names are returned. If only one organization meets the search criteria, the organization opens automatically.

Top
  1. Open the Search Organizations page as described in Search.
  2. Click Add a New Organization.
  3. In the New Organization pop-up window, select the organization type.
  4. Enter the organization name. This is the name customers enter as the Organization ID when they log in.
  5. Enter the organization ID. This is an internal identifier for the customer.
    No special characters are allowed in this field except a hyphen.
  6. Select the authentication type.
  7. Select the account linking type.
  8. Enter the Finance ID.
  9. In the Default URL for WelcomeLetter list, select the default welcome letter to be sent for your organization.
  10. If you want to upload a client logo to replace the Dayforce logo displayed on the user's profile, click Browse.
    1. Navigate to the logo file, select it, and click Open.
  11. Select Send Event Update Email To All Users if you want to send email updates to all users when changes are made to the organization.
  12. In the MFA Configuration panel, you can enable Multifactor Authentication (MFA) and configure the following MFA options for the organization:
    1. Mutli Factor Authentication – enables multifactor authentication when selected and enables all MFA options on the page for selection
    2. Access IAM when MFA provider is unavailable – when selected, allows users to access IAM when the Authy service is unavailable to verify users
    3. Allow VOIP Phone Numbers – when selected, allows voice over IP telephone numbers to be used for multifactor authentication
    4. Days to Remember Users – A value from 0 to 30 is allowed. A value from 1 to 30 allows the user to login to IAM without verifying their identity if they have done so within the configured number of days. 0 disables this option, requiring users to verify their identity every time they login. The default value is 1.
    5. IAM Roles – when selected, enables MFA for the Client Admin, Client User roles or both; both options cannot be blank, one role must be selected
  13. If you require any other attributes, in the Attributes section, click Add.
  14. Enter the attribute name and value.
  15. Add any other customer-level attributes.
  16. Click Save.
Top
  1. Do one of the following:
    • If you have access to multiple organizations, search for and select an organization.
    • If you have access to only one organization, on the Home page, click Administration > Organizations.
  2. In the Attributes section on the Organization Details page, do one of the following:
    • Click Add, and then enter the attribute name and value.
    • Click the attribute you want to edit, and then change the attribute name or value.
  3. Click Save.
Top
  1. Do one of the following:
    • If you have access to multiple organizations, search for and select an organization.
    • If you have access to only one organization, on the Home page, click Administration> Organizations.
  2. In the Security Policy section on the Organization Details page, select new values for any of the security policy parameters you want to change.
  3. Click Save.
Top
  1. Open the Search Organizations page as described in Search.
  2. Select the organization.
  3. On the Organization Details page, clear the Enabled check box.

    A message appears asking you to confirm the action and stating that all users for the organization will be disabled.

  4. Click OK to disable the organization and the organization's users.
  5. Click Save.

Related resources