Base organizations

Organization hierarchy with base organization spotlight

Organization hierarchy with base organization spotlight

Base organizations

Application clients can have base organizations configured. Base organizations close off a specific chunk of the organizational hierarchy and restrict the client to the organizations in that extracted hierarchy.

In addition, application types determine how base organization restriction applies. Access varies between different organizational levels depending on the type of application running the client:

Application typeClient configurationAccess
HybridBase organization with child organizationsfor members of the base and child organizations
Base organization without child organizationsfor members of the base organization
Organization-onlyBase organization with child organizationsfor members of the child organizations only
Base organization without child organizations⚠️no access possible
SimpleBase organization with child organizationsfor members of the base organization only
Base organization without child organizationsfor members of the base organization only

📘

Organization-only applications only handle access to the children of a base organization.

Clients

Clients are the practical implementations of policy settings. Customers enter authentication flows, encounter your brand’s experience, and access their accounts by interacting with clients.

Clients put into practice the configurations applied to applications and/or organizations. However, configurations apply conditionally to clients: the experience customers will ultimately see on their screens will depend on the organizational affiliation of their account, not just the policies applied.

📘

Organization policy overrides allow you to provide organizations with their unique branding, communications, verification and authentication flows, or login options.