Audience: Administrators
Overview
OrgChart Authorization panel allows Administrators to configure restricted link access, SSO, and access group auto-assignment for certain users, as well as enable/disable some account-wide sign-in options.
Accessing Authorization
1. Click on the Settings button in the bottom right corner, and then select the Account Settings option from the list.
2. Select the Authorization option from the top panel.
General
Check the checkboxes associated with the following options to enable them:
Multi-Factor Authorization is required to login | Require MFA in order to log in to OrgChart (Enterprise Only). |
Enable Administrator User Impersonation | Allow an Administrator to login as another user. This is useful for troubleshooting user-specific issues, or testing advanced security settings. |
Direct sign-in | When enabled, users can sign in directly to the OrgChart application. You can disable this option, if you have successfully configured SSO within your account. |
Link User Configuration
Double-click on a user in this list to reveal the following options for restricted or public link configuration:
Reference the Web Links article for more information.
SSO Configuration
Administrators can integrate OrgChart with their Single Sign-On provider directly in the application. Reference the SSO article for more information.
Auto-assignment configuration
OrgChart allows Administrators to configure conditions under which people are auto-assigned to an access group upon login. For example, all employees in the HR department, should be assigned a specific access group upon login. Reference the Auto Group Assignment article for step-by-step configuration instructions.
Caution
It is possible to lock certain employees, or even yourself, out of the application when configuring Auto-Assignments. Please contact OrgChart Support for help in properly configuring these security settings.
The following options are available after checking the Automatically assign users checkbox:
Base chart to used to validate user | Select the Base chart the assigned user can access. This is the chart that will be used to look up that the user's record exist, in order to automatically assign them an access group upon login. |
Data field used for assignment | Select a field from the data that will be used to assign the access group. |
User record retrieval |
User record retrieval is the method by which OrgChart identifies a user's existence in the base chart that is used to validate the user. The following options are available:
|
Field Record | Select the data field that corresponds with the chosen record retrieval method. For example, if you are using the User Name retrieval method, select the field used to populate the User ID box. See the Identifying the Field in Record section below for more information. |
Data group mapping | Create a group mapping based on the data field used for assignment. Select the field value and the corresponding access group that should be assigned to users with that field value. |
Use default group instead of denying access | If records do not match the auto-assignment mapping configured, use this option to assign them to an alternative access group, rather than denying them access. |
Comments
0 comments
Please sign in to leave a comment.