Manage policies

In the SecureAuth® Identity Platform, you have the option to use a default authentication policy or create your own custom policy with different rules for your resources. Manage your default and custom polices by adding, editing, or copying policies. Custom policies can also be deleted.

Each policy must have at least two authentication rules at any given time. Before you can delete a custom policy, you must reassign any attached resources to another policy.

  1. In the left navigation of the Identity Platform, click Policies.

    policy_001_2104.png
  2. Do one of the following:

    • To configure the rules in a policy, click Edit Default Policy or click the pencil icon next to a custom policy.

    • To add a new policy, click Add new Policy and give it a new name. Make sure to save the new name before making any changes to policy rules.

      Note

      When you edit the policy name, make sure you save your changes before changing any of the policy rules, like on the Authentication Rules tab.

      And vice versa, if you change a policy rule on the Authentication Rules tab, you must save your changes before changing the policy name.

       

      policy_002_2202.png
  3. Configure the Authentication Rules tab. (Step 1 of 4 in the wizard workflow for a new custom policy.)

    These are the adaptive authentication rules like blocking logins from a certain country, allowing logins within a dynamic perimeter, and geo-velocity to determine speed of travel from login point A to login point B.

  4. Configure the Login Workflow tab. (Step 2 of 4 in the wizard workflow for a new custom policy.)

    Choose the login experience for your end users to authenticate, like passwordless or username & password and MFA method.

  5. Configure the Multi-Factor Methods tab. (Step 2 of 4 in the wizard workflow for a new custom policy.)

    Enable the MFA methods for your end users to authenticate, like FIDO2 security keys or timed passcode from an authentication app.

  6. Configure the Resources tab. (Step 3 of 3 in the wizard workflow for a new custom policy.)

    Attach resources like Office 365 and Salesforce to this authentication policy.