diff --git a/NOTICE b/NOTICE
index 09b911ed5..5addd54ae 100644
--- a/NOTICE
+++ b/NOTICE
@@ -1,6 +1,6 @@
-COmanage Registry
+COmanage Match
 
-Copyright (C) 2010-2019
+Copyright (C) 2018-2022
 University Corporation for Advanced Internet Development, Inc.
 
 Licensed under the Apache License, Version 2.0 (the "License");
@@ -31,6 +31,9 @@ the Contributor License Agreement by,
 
  Spherical Cow Group
  https://sphericalcowgroup.com
+ 
+ The University of California, San Diego
+ https://ucsd.edu
 
 This project uses the following third party utilities, see the appropriate
 files and utilities for further information:
@@ -39,13 +42,12 @@ files and utilities for further information:
  MIT License
  http://cakephp.org
  
- ADOdb (app/Vendor/adodb5)
+ ADOdb (app/vendor/adodb)
  BSD 3-Clause License
  http://adodb.org
  
- Guzzle (app/AvailablePlugin/GithubProvisioner/Vendor/guzzle) 
- MIT License
- https://github.com/guzzle/guzzle
+ Doctrine DBAL (app/vendor/doctrine/dbal)
+ https://www.doctrine-project.org/projects/dbal.html
  
  jQuery (app/webroot/js/jquery)
  MIT License
@@ -67,18 +69,10 @@ files and utilities for further information:
  MIT License
  http://ned.im/noty
  
- PHP GitHub API 2.0 (app/AvailablePlugin/GithubProvisioner/Vendor/guzzle/guzzle)
- MIT License
- https://github.com/KnpLabs/php-github-api
- 
  spin.js (app/webroot/js/jquery/spin*)
  MIT License
  http://spin.js.org
  
- Shibboleth Embedded Discovery Service (app/webroot/js/eds)
- Apache 2.0
- https://shibboleth.net/products/embedded-discovery-service.html
- 
  Superfish (app/webroot/js/superfish)
  MIT License
  https://superfish.joelbirch.co
diff --git a/app/resources/locales/en_US/default.po b/app/resources/locales/en_US/default.po
index 65863da87..fc2416610 100644
--- a/app/resources/locales/en_US/default.po
+++ b/app/resources/locales/en_US/default.po
@@ -267,6 +267,9 @@ msgstr "Page number must be an integer"
 msgid "match.er.parse.json"
 msgstr "Unknown type {0} for key {1} (parseFromJSON)"
 
+msgid "match.er.permission.exists"
+msgstr "A permission already exists for this username and Matchgrid"
+
 msgid "match.er.primary_link"
 msgstr "Could not find value for Primary Link {0}"
 
diff --git a/app/src/Lib/Traits/ValidationTrait.php b/app/src/Lib/Traits/ValidationTrait.php
index 49491b7ec..5ff364e4f 100644
--- a/app/src/Lib/Traits/ValidationTrait.php
+++ b/app/src/Lib/Traits/ValidationTrait.php
@@ -34,42 +34,6 @@
 namespace App\Lib\Traits;
 
 trait ValidationTrait {
-  /**
-   * Perform a conditional validation check, where if a select value matches an
-   * array of values, then another field must not be empty. In theory we should be
-   * able to do this with Cake native conditional validation, but if a field is
-   * not required and null, then Cake doesn't run validation on the value.
-   *
-   * To configure this validation rule, use setProvider():
-   * 
-   *  $validator->setProvider('conditionalRequire', [
-   *                          'inArray' => [valuesThatRequireOtherField],
-   *                          'require' => 'field_to_require',
-   *                          'label'   => 'field label, for use in error message']);
-   *
-   * Note this validation rule is applied on the value that must always be set,
-   * which will result in the validation error being unintuitively placed on the
-   * "wrong" attribute.
-   *
-   * @since  COmanage Common v1.0.0
-   * @param  string $value   Value to validate
-   * @param  array  $context Validation context
-   * @return mixed  True if $value validates, or an error string otherwise
-   */
-  
-  public function validateConditionalRequire($value, array $context) {
-    // What component are we?
-    $COmponent = __('product.code');
-    
-    if(!empty($value)
-       && in_array($value, $context['providers']['conditionalRequire']['inArray'])
-       && empty($context['data'][ $context['providers']['conditionalRequire']['require'] ])) {
-      return __($COmponent.'.er.input.condreq', [$context['providers']['conditionalRequire']['label']]);
-    }
-    
-    return true;
-  }
-  
   /**
    * Determine if a string submitted from a form is valid input.
    *
diff --git a/app/src/Model/Table/PermissionsTable.php b/app/src/Model/Table/PermissionsTable.php
index b728a8944..39931da9d 100644
--- a/app/src/Model/Table/PermissionsTable.php
+++ b/app/src/Model/Table/PermissionsTable.php
@@ -29,6 +29,8 @@
 
 namespace App\Model\Table;
 
+use Cake\ORM\Rule\IsUnique;
+use Cake\ORM\RulesChecker;
 use Cake\ORM\Table;
 use Cake\Validation\Validator;
 
@@ -66,6 +68,25 @@ public function initialize(array $config): void {
     ]);
   }
   
+  /**
+   * Callback to construct RulesChecker.
+   *
+   * @since  COmanage Match v1.0.0
+   * @param  RulesChecker $rules Cake RulesChecker
+   * @return RulesChecker        Cake RulesChecker
+   */
+
+  public function buildRules(RulesChecker $rules): RulesChecker {
+    // We do not allow the same user to have more than one permission on the
+    // same Matchgrid. (Permissions are currently inclusive of lower permissions.)
+    $rules->add($rules->isUnique(
+      ['username', 'matchgrid_id'],
+      __('match.er.permission.exists')
+    ));
+    
+    return $rules;
+  }
+  
   /**
    * Obtain the Permissions for the specified user.
    *
@@ -105,7 +126,17 @@ public function validationDefault(Validator $validator): Validator {
       'content',
       [ 'rule' => 'isInteger' ]
     );
-    $validator->allowEmptyString('matchgrid_id');
+    $validator->notEmptyString('matchgrid_id', null, function($context) {
+      // matchgrid_id may be empty only if the permission is PlatformAdmin
+
+      if(isset($context['data']['permission'])
+         && $context['data']['permission'] != PermissionEnum::PlatformAdmin) {
+        // This rule applies since the permission is not PlatformAdmin
+        return true;
+      }
+      
+      return false;
+    });
     
     $validator->add(
       'permission',
@@ -118,20 +149,6 @@ public function validationDefault(Validator $validator): Validator {
         PermissionEnum::None
       ] ] ]
     );
-    $validator->add(
-      'permission',
-      'conditionalRequire',
-      [ 'rule' => 'validateConditionalRequire',
-        'provider' => 'table' ]
-    );
-    $validator->setProvider('conditionalRequire', [
-      'inArray' => [ PermissionEnum::MatchgridAdmin,
-                     PermissionEnum::ReconciliationManager,
-                     PermissionEnum::ReconciliationSupport
-      ],
-      'require' => 'matchgrid_id',
-      'label' => __('match.ct.matchgrids', [1])
-    ]);
     $validator->notEmptyString('permission');
     
     return $validator; 
diff --git a/app/templates/element/flash/default.php b/app/templates/element/flash/default.php
index 77e07c22c..9f1622fb8 100644
--- a/app/templates/element/flash/default.php
+++ b/app/templates/element/flash/default.php
@@ -1,5 +1,31 @@
 
 <?php
+/*
+ * COmanage Match Default Flash Template
+ *
+ * Portions licensed to the University Corporation for Advanced Internet
+ * Development, Inc. ("UCAID") under one or more contributor license agreements.
+ * See the NOTICE file distributed with this work for additional information
+ * regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @link          https://www.internet2.edu/comanage COmanage Project
+ * @package       match
+ * @since         COmanage Match v1.0.0
+ * @license       Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ */
+
   // Reference examples from Cake 3
   $class = 'message';
   if (!empty($params['class'])) {
diff --git a/app/templates/element/flash/error.php b/app/templates/element/flash/error.php
index 1b46f51ea..70ef60569 100644
--- a/app/templates/element/flash/error.php
+++ b/app/templates/element/flash/error.php
@@ -1,4 +1,30 @@
 <?php
+/*
+ * COmanage Match Error Flash Template
+ *
+ * Portions licensed to the University Corporation for Advanced Internet
+ * Development, Inc. ("UCAID") under one or more contributor license agreements.
+ * See the NOTICE file distributed with this work for additional information
+ * regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @link          https://www.internet2.edu/comanage COmanage Project
+ * @package       match
+ * @since         COmanage Match v1.0.0
+ * @license       Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ */
+
   if (!isset($params['escape']) || $params['escape'] !== false) {
     $message = h($message); // XXX probably redundant
   }
diff --git a/app/templates/element/flash/information.php b/app/templates/element/flash/information.php
index 600ec08c3..62bdcd5bd 100644
--- a/app/templates/element/flash/information.php
+++ b/app/templates/element/flash/information.php
@@ -1,4 +1,30 @@
 <?php
+/*
+ * COmanage Match Information Flash Template
+ *
+ * Portions licensed to the University Corporation for Advanced Internet
+ * Development, Inc. ("UCAID") under one or more contributor license agreements.
+ * See the NOTICE file distributed with this work for additional information
+ * regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @link          https://www.internet2.edu/comanage COmanage Project
+ * @package       match
+ * @since         COmanage Match v1.0.0
+ * @license       Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ */
+
   if (!isset($params['escape']) || $params['escape'] !== false) {
     $message = h($message); // XXX probably redundant
   }
diff --git a/app/templates/element/flash/success.php b/app/templates/element/flash/success.php
index e82d381b2..6ac190ddf 100644
--- a/app/templates/element/flash/success.php
+++ b/app/templates/element/flash/success.php
@@ -1,4 +1,30 @@
 <?php
+/*
+ * COmanage Match Success Flash Template
+ *
+ * Portions licensed to the University Corporation for Advanced Internet
+ * Development, Inc. ("UCAID") under one or more contributor license agreements.
+ * See the NOTICE file distributed with this work for additional information
+ * regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @link          https://www.internet2.edu/comanage COmanage Project
+ * @package       match
+ * @since         COmanage Match v1.0.0
+ * @license       Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ */
+
   if (!isset($params['escape']) || $params['escape'] !== false) {
     $message = h($message); // XXX probably redundant
   }