About Adding and Managing Organization Information in Dayforce Identity and Access Management
Dayforce Identity Access Management (IAM) allows you to add and manage user and data security for an organization through one user interface. You can:
- Set up organization information and import users into the organization
- Set up and maintain the organization's security policy, within the restrictions of the Dayforce domain security policy
- Set up and administer secret questions for additional security
- Add roles and assign resources to roles to control access
- Add user accounts
- Add and maintain partner applications and attributes for single sign-on access
Process
With each piece of information you add, you build a comprehensive security policy for an organization and its users.
| Step | Description |
|---|---|
| 1 - Add the organization and import users | Create the organization and initial user accounts using a file import. Refer to Managing File Imports. |
| 2 - Add organization-level attributes for partner applications | Add the organization-level attributes for the applications the organization wants to offer. Although automatic provisioning adds the organization information, the process does not know which applications the organization wants to offer, so you must add these attributes at the organization level to continue. |
| 3 - Add partner applications | Add the partner profile to the organization. Users will access these applications from the Home page or the My Applications menu. If the partner application already exists, just add the partner profile to the organization. |
|
4 - Add roles |
Identity Access Management automatically creates the IAM Customer User role as a standard role for every organization. Add any custom roles to the organization. |
| 5 - Assign partners and pages to roles | For each role, add the partner applications and pages the role is allowed to access. Roles that are specific to a partner application are also added to the organization at this time. |
| 6 - Assign users to roles | Assign users to roles based on the partner applications the user should access. You can assign users to roles using the Users page. |
| 7 - Add data profiles | Create a data profile and add data items, FEINs or PSIDs, to the data profile. You can add multiple data items to a data profile, and you can use the same data items across multiple profiles. |
| 8 - Set up security policy | Set up the minimum password age in days, number of allowed failed login attempts, minimum password length, minimum numbers of days before the user must change the password, and the number of minutes before a user's inactive session closes. You can edit the organization's security policy as long as it is as strong as the domain security policy, or leave the domain security policy as the default policy. You can also enable multifactor authentication to require an additional layer of security when users log on to IAM. |