Which type of security group should you configure for third-party users to access specific organizations in Workday?

The service center (constrained) security group is specifically designed to provide controlled access to third-party users in Workday. This type of security group allows the organization to ensure that external users can only access predetermined configurations and resources relevant to them, enhancing both security and compliance.

This is particularly important for organizations that need to share information with external partners or vendors but want to restrict their access to sensitive data. By using a constrained service center security group, you can define exactly which organizations third-party users can interact with, ultimately helping to manage data visibility and maintain the integrity of the internal systems.

In contrast, aggregation security groups are meant for combining different user groups based on specific criteria, user-based security groups focus on individual user permissions rather than third-party access, and segment-based security groups control access based on business processes or segments rather than directly managing access for external users. Thus, the service center (constrained) group is the most suitable option for managing third-party access effectively.