Restricting Access to Client Applications
Instructions on how to assign policies to the application.
Assign Authorization Policies to Restrict Access to Client Apps
Go to Applications > Clients and select a client application.
Navigate to Policies tab.
Assign policies governing this application in different scenarios.
For more information, see the glossary definition of Policy.
Select User policy (a set of conditions for the user to access the client application).
Select Machine token policy, used when the application is part of the Client Credentials (machine-to-machine) flow.
Note
The policy that you select is validated before issuing a token for the authorization code/implicit grant flow. If the policy fails, the token is not issued and the user who tries to access the application is not allowed.
Example: Enforce MFA for Users Before Accessing Application
It is a common scenario that before accessing applications, users must authenticate using Multi Factor Authentication (MFA). To enforce MFA upon login:
Navigate to Policies tab of your client application.
Select User Policy input field.
Select the MFA User policy.
Save changes.
Result: Upon login, the users must perform additional verification in order to access your application. See example below.