Skip to main content

OrgChart Help Guide

Authorization

Audience:

Audience: Administrators

Overview

OrgChart Authorization panel allows Administrators to configure Restricted Link access, SSO, and Access Group auto-assignment for certain users, as well as enable/disable some account-wide sign-in options.

Accessing Authorization

Click on the Mode Switcher icon in the Top Toolbar, and then select the Setup option. The Setup panel is displayed.

Click on the Account Settings tile.

Setup_Account_Settings_Select.png

Select the Authorization option from the left side menu.

5_3_1_Account_Settings_Authorization.png

General

Check the checkboxes associated with the following options to enable them:

Multi-Factor Authorization is Required to Login

Require MFA in order to log in to OrgChart. Enterprise Only

Refence the Multi-Factor Authentication article for more information.

Enable Administrator User Impersonation

Allow an administrator to login as another user.

This is useful for troubleshooting user-specific issues, and testing permissions.

Reference the Admin User Impersonation article for more information.

Note

To impersonate a user, click on the Support Login link (on the login page), and then enter your user name, password and the Email of the user you would like to impersonate.

Direct Sign-In

Allow users to sign in to the application via the OrgChart landing page.

Note

The option to disable Direct Sign-In is only available if SSO has been successfully configured within your account. Reference the Additional SSO Configuration section of the SSO Configuration article to learn more about this feature, and how it relates to SSO.

SSO Configuration

Administrators can integrate OrgChart with their Single Sign-On provider directly in the application.

Reference the SSO Configuration article for more information.

SharePoint Credentials Configuration

Administrators can set a Master Chart to automatically export to SharePoint on a weekly or monthly basis. In order to do so, SharePoint credentials must be entered in the SharePoint Credentials Configuration section.

Reference the Automatically Export to SharePoint article for more information, and setup instructions.

Auto-Assignment Configuration

OrgChart allows Administrators to configure conditions under which people are auto-assigned to an Access Group upon login. Reference the Auto-Assignment Example for step-by-step configuration instructions.

Warning

WARNING: It is possible to lock certain employees, or even yourself, out of the application when configuring Auto-Assignments. Please contact OrgChart Support for help in properly configuring these security settings.

The following options become made available after checking the Automatically assign users to access group upon login check box.

Auto-Assignment Configuration

Master Chart used to validate user

Select the Master Chart the assigned user can access.

Data field used for assignment

Select the field from the data that will be used to assign the role.

User Record Retrieval - Configure the fields used to identify a chart record that corresponds to a user

User Name

Match chart record to user with the User ID listed in the Account Settings: Manage Users panel.

Case Insensitive Match

Check to allow OrgChart to match a chart record to the user with the User ID listed in the Account Settings: Manage Users panel without considering case.

For example, if the User ID in the Manage Users panel is A123, and the User ID in the chart record is a123, the record will still be correctly identified with the appropriate user.

Email

Match chart record to user with Email Address listed in the Account Settings: Manage Users panel.

Email matching is always case insensitive.

Field in Record

Select the data field that corresponds with the chosen record retrieval method. For example, if you are using the User Name retrieval method, select the field used to populate the User ID box. See the Identifying the Field in Record section below for more information.

Identifying the Field in Record

The following information is needed for identifying which field to select in the Field in Record dropdown menu:

  • Record Retrieval Method - User Name or Email used to match a user with a chart record

  • Field Mapped to Record Retrieval Method - The data field that is used to populate the User ID or Email text boxes in the Account Settings: Manage Users panel.

The following section provides step-by-step instructions for identifying the correct Field in Record field.

  1. Click on the Mode Switcher icon in the Top Toolbar, and then select the Setup option. The Setup panel is displayed.

    Setup_Account_Settings_Select.png
  2. Click on the Account Settings tile, and then select the Manage Users option from the left side menu.

    5_2_1_AS_ManageUsers_Arrow.png
  3. Mouse over a user, and then select the 5_2_1_Penci_bluel_noFill.png icon. The User Information panel is displayed.

    User_Information_Panel_5_3.png
  4. Note the value for either the User ID or Email Address (depending on your selected Record Retrieval Method).

  5. Click on the X (in the top right corner of the User Information panel), and then click on the Exit button (at the bottom of the the Account Settings: Manage Users panel).

  6. Locate the user whose information panel was just open in the OrgChart.

  7. Click on the user, and then click on the Profile icon.

  8. Note the values in the Profile, and the corresponding fields to which they are mapped.

    Match_Record_to_UserID.png
  9. Open the Account Settings panel, and then select the Authorization option from the Settings dropdown.

  10. Click on the Field in Record dropdown menu (under the User Record Retrieval heading), and then select the field that is mapped to the User ID or Email field. For example, if you are using the User Name record retrieval method, select PersonID from the Field in Record dropdown.

Group Mapping - Set which groups line up with values in your data

5_2_RoundPlus_icon.png

Select the field value and corresponding Access Group to assign users who match this criteria.

Use default group instead of denying access

Select a group to automatically assign to users who do not meet any auto-assignment criteria. Checking this box, and then setting a default group will prevent users from being locked out of OrgChart.

Row Level Security

Use data field for Row Level Security assignment

Select a field used to auto-assign Row Level Security. This feature can be used independently, or in conjunction with automatic group assignment.