About Identity Access Management (IAM)
Dayforce Identity Access Management (IAM) is the Internet-based application that Dayforce administrators and organization administrators use to manage user access, compliance, security, and risk policies for an organization. Identity Access Management controls:
- Which users have security permissions to log in to Dayforce and partner applications
- The organization and payroll service ID (PSID) information that users have security permissions to work with
- The Dayforce and partner applications that users have security permissions to open
Identity Access Management decouples identity management from specific Dayforce applications and offers it as a service that internal and external partners can use. When a user logs in to Identity Access Management and lands on the Identity Access Management Home page, the user is authenticated (or validated) one time. Then the user can open supported applications, internal and external, that are available for the user.
Contents
With Identity Access Management, you can:
- Import users into an organization and set up organization information such as the client-friendly ID used for logging in
- Set up and maintain the organization domain security policy, within the restrictions of the Dayforce domain security policy
- Set up and administer secret questions for additional security
- Add roles and assign resources to roles to control access
- Add user accounts
- Add and maintain partner applications and attributes for single sign-on access
User accounts, which contain user names and passwords, control access to Dayforce and partner applications. When you add a user account for an organization in Identity Access Management, you assign a unique user name and password for the user account.
The first time a new user logs in to the Identity Access Management, the user must:
- Change the initial password
- Enter answers to specific secret questions
- If Multifactor Authentication (MFA) is enabled for the organization, complete MFA setup as described in First-Time User Process with MFA Top.
Role assignments determine the applications and pages that each user can work with. By default, when the user account is added, Identity Access Management assigns the IAM Customer User role to all new user accounts. The Dayforce administrator or organization administrator can then changes roles for the user account.
Related resources
- About Adding and Managing Organization Information in Dayforce Identity and Access Management
- About Multifactor Authentication
- About Organizations
- About Setting Up Partner Applications
- About Setting Up Roles and Users
- Domain Security Policy
2/21/2024