Authorized Organizations (Pairing)

What Are Authorized Organizations?

Authorized Organizations (also called Pairing) allows users from one Genesys Cloud org to log into and administer a second org — without needing a separate license seat in the target org.

Common use cases:

A support vendor or MSP managing a customer's org
A Genesys partner administering a client environment
A parent company accessing a subsidiary org
Genesys Product Support pairing with your org to troubleshoot

💡 Telecom analogy: Think of this like a Federated Trust between two PBX systems — a technician from System A uses their own credentials to manage System B without needing a local extension or station created for them in System B.

Hard Constraints (Exam Critical)

Constraint	Detail
Same AWS region required	Pairing is only possible between orgs in the same AWS region — cross-region pairing is not supported
Max 25 users	A maximum of 25 users from the requesting org can be authorized to access the target org
No license consumption	Authorized users do not consume a license seat in the target org — they are billed to their home org
Admin tasks only	Authorized users cannot receive ACD interactions (calls, chats, emails), use internal chat, or access the agent dashboard
Division access	Authorized users are automatically granted access to all divisions assigned to the roles they receive in the target org

How Pairing Works — Two Sides

Pairing involves two org administrators: one who requests access and one who grants it.

Side 1: Creating a Pairing Request (Requesting Org)

The org that wants access initiates the request:

Admin → People & Permissions → Authorized Organizations
Click Create Pair
In the selection box, type and select the users or groups from your org who need access
Click Create Pairing Link
Click the copy icon to copy the unique URL
Manually send the link to an administrator of the target org (via email, chat, etc. — Genesys does not send it automatically)

⚠️ The pairing link must be sent out-of-band. Genesys does not email it to the target org.

Side 2: Accepting a Pairing Request (Target Org)

The org being accessed approves and assigns permissions:

Open the pairing link received from the requesting org
Review the prompt and click Yes, I authorize access
You are taken to the paired organization management page
Click on the users or groups included in the request
Assign the specific roles they need (e.g., Admin, Architect, Telephony Admin)
Click Save

⚠️ Until roles are assigned, authorized users have zero permissions in the target org. Accepting the pairing alone grants no access.

Role Assignment in the Target Org

Roles assigned to authorized users work the same as regular role assignments with one important note:

The roles assigned determine what the authorized user can do in the target org
Division access is automatically scoped to all divisions attached to those roles
Roles should follow least-privilege — only assign what the partner/vendor actually needs

Common role assignments for external access:

Scenario	Suggested Roles
Genesys support troubleshooting	Admin (temporary, revoke after session)
Partner building Architect flows	Architect access, flow designer permissions
Vendor monitoring dashboards	Read-only supervisor / analytics roles
MSP full management	Admin or Master Admin (use with caution)

Managing the Pairing

Revoking Access

Go to Admin → People & Permissions → Authorized Organizations
Delete the pairing
This immediately terminates all active sessions for the authorized users in your org

Cloned Users

Authorized users sometimes appear as "Cloned Users" in the org directory
This is expected behaviour — most commonly seen when Genesys Product Support pairs with your org
Cloned users are read-only representations; they do not consume license seats

Pairing vs. Regular User Creation

Factor	Authorized Org (Pairing)	Creating a User in Target Org
License in target org	Not consumed	Consumed
Identity / credentials	Home org credentials	Target org credentials (separate account)
ACD interactions	Not allowed	Allowed (if role permits)
Internal chat	Not available	Available
Max users	25	No pairing limit
Region requirement	Must match	No restriction
Best for	Temporary admin / vendor access	Permanent staff

Permissions Required

Action	Permission
Create pairing request	People & Permissions admin access
Accept pairing request	Admin in the target org
Assign roles to authorized users	Authorization > Grant > Add in the target org
Delete/revoke pairing	Admin in the target org

Architectural Build Order

Avaya-to-Genesys Cloud Reference Guide

Locations & Floor Plans

Licensing & Editions

Global Settings

Onboarding & Access

Security & Compliance

Status & Presence Management

Technical & Routing Behaviours

Access Policies (Attribute-Based Access Control)

Authorized Organizations (Pairing)

Divisions (Access Controls)

Group Telephony & Routing

Groups (People & Permissions)

Roles & Permissions (RBAC)

User profile management

Work Teams

Call Routing & Message Routing

Emergency Groups

External Contacts

Scheduling & Schedule Groups

Queues

ACD Skills & Languages

Wrap-Up Codes

Utilization

Canned Responses & Response Assets

Email — Domains & Routing

Widgets — Web Chat & Web Messenger

Analytics Settings

Panel Manager

Scripts

Assistants

Knowledge Base

Chat & Messaging Configuration

Outbound Dialing — Overview & Settings

Outbound Dialing Modes

Outbound — Contact Lists & DNC

Outbound — Campaign Configuration

Callbacks

Predictive Routing

Agent Copilot (Agent Assist)

Architect Overview

Call Flow Components & Basics

Genesys - Architect - Call Flow UI Overview

Prompt Management

Queue Configuration Reference

Inbound Call Flows

Inbound Message Flows

Operating Schedules

Data Tables

Bot Flows

Common Module Flows & Outbound Call Flows

Inbound Email Flows & Inbound Chat Flows

Secure Call Flows

Virtual Agent Flows (Agentic)

Disconnect Interactions

API Usage

Integration Management

OAuth Clients

Authorized Applications

Single Sign-On (SSO)

Audit Viewer

GDPR and Data Subject Requests

Certificate Authorities

DID & Toll-Free Numbers

Edges & Edge Groups

Extensions

Sites

Topology

Trunks

WebRTC Phone Management

Phone Management

E911 and Emergency Locations

Telephony Connection Options — BYOC Cloud vs BYOC Premises

Development and Feedback

Evaluators

Evluation form

External Metrics

Policies

Programs