Who is this article for?

Administrators responsible for authentication management.

Administrator permissions are required.

This article explains what security groups you need to set up for Single Sign-On (SSO) to work effectively.

1. Standard roles

The following two groups will need to be added to your Active Directory:

• PolicyConnect User
• PolicyConnect Administrator 

Users who will be logging in to PolicyConnect to only view policies will need to be added to the PolicyConnect User group.

Users who will be logging into PolicyConnect to manage and view policies will need to be added to the PolicyConnect Administrator group.

Do not add the user to multiple security groups this can cause access issues.

2. Enterprise Structure roles

There is a third group for enterprise customers with a parent site. They need to create a third group in their Active Directory:

• PolicyConnect Group Administrator

This is required to grant a user Administrator access in master sites.

3. Additional roles

This section only applies to clients subscribed to the Board Governance or HR modules.

The Board Governance and HR Administrator Modules are ‘Secure Sections’, visible only to users with the PolicyConnect Board Governance or HR Administrator roles.

These roles are standalone permissions and must be assigned alongside a standard user role to access a PolicyConnect site.

Add the following groups to your Active Directory for these roles:

• PolicyConnect HR Administrator
• PolicyConnect Board Governance