Policies Overview

What is an Authentication Policy:

An Authentication Policy binds an Application to a User Group so that the group's users can access the application. While creating a new policy, the admin has to choose the application for which they want to create the policy, along with the User Group they want to attach that policy to. The admin can also choose whether to enable Multi-Factor Authentication or Adaptive Authentication for the policy.

If multiple policies are created for an application with multiple groups and the user is part of all of these groups, a weight-based algorithm
finds the policy with the highest score for the login session. Policies with custom groups are given priority over policies with the DEFAULT group.

The image below shows how the policy works in a login flow.

miniOrange Identity Platform Admin Handbook: Policies Flowchart

A few things to note about policies:

  1. You can create only one policy for an application with a specific group.
  2. You can create multiple policies for an application with multiple groups.

You have to configure the following options while adding a new Policy:

Application: The application for which you want to add the policy.
Group Name: The group with which you want to bind the application.
Policy Name: A unique name for the policy so it can be identified from the list of policies.
Login Method: The authentication method for users. You can choose:
  1. Password: Users are prompted for authentication with their username/email and password.
  2. Mobile Only Authentication: After entering their usernames/emails, the users are directly prompted for MFA authentication without the need for entering the password. [2FA and Adaptive Authentication cannot be used with Mobile Only Policy.]
Enable 2-Factor Authentication (MFA): Enable this option if you want to enable MFA on top of the user authentication. Note: Can be used only with Password as the login method.
Enable Adaptive Authentication: Enable this option if you want to enable Adaptive Authentication on top of the user authentication. The type of Adaptive Authentication and the Adaptive Authentication Policy have to be configured in this case. Note: Either MFA or Adaptive Authentication can be enabled in a policy, not both.
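
The option constraints and the group-priority rule described above can be modelled offline to audit which policy a login session would receive. This is an added example, not miniOrange code: the Policy class, the numeric weights, the name-based tie-break, the implicit DEFAULT membership and the sample policies are all assumptions made for illustration.

```python
from dataclasses import dataclass

DEFAULT_GROUP = "DEFAULT"

@dataclass(frozen=True)
class Policy:  # hypothetical model of one policy row
    name: str
    app: str
    group: str
    login_method: str = "PASSWORD"  # or "MOBILE_ONLY"
    mfa: bool = False
    adaptive: bool = False

def validate(policies):
    """Return violations of the constraints stated on this page."""
    errors, seen = [], set()
    for p in policies:
        if (p.app, p.group) in seen:
            errors.append(f"{p.name}: second policy for ({p.app}, {p.group})")
        seen.add((p.app, p.group))
        if p.mfa and p.adaptive:
            errors.append(f"{p.name}: MFA and Adaptive Authentication both enabled")
        if p.login_method == "MOBILE_ONLY" and (p.mfa or p.adaptive):
            errors.append(f"{p.name}: Mobile Only combined with 2FA/Adaptive")
    return errors

def score(policy):
    # Assumed weights: the page only states that custom groups outrank DEFAULT.
    return 1 if policy.group == DEFAULT_GROUP else 2

def resolve(policies, app, user_groups):
    """Pick the policy applied to a login session, or None if nothing matches."""
    # Assumption: every user is implicitly a member of DEFAULT.
    groups = set(user_groups) | {DEFAULT_GROUP}
    matches = [p for p in policies if p.app == app and p.group in groups]
    # Assumed tie-break between equal scores: policy name, for determinism.
    matches.sort(key=lambda p: (-score(p), p.name))
    return matches[0] if matches else None

# Constructed sample configuration; the last entry breaks two rules on purpose.
POLICIES = [
    Policy("crm-default", "CRM", DEFAULT_GROUP),
    Policy("crm-finance", "CRM", "Finance", mfa=True),
    Policy("crm-field", "CRM", "Field", login_method="MOBILE_ONLY"),
    Policy("crm-bad", "CRM", "Finance", mfa=True, adaptive=True),
]

if __name__ == "__main__":
    print(validate(POLICIES))
    print(resolve(POLICIES[:3], "CRM", ["Finance"]))
```

Running the resolver over each user's group set shows which logins fall through to a DEFAULT policy that has no MFA enabled.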
  • This section allows you to define and assign access policies to all the configured apps. You can add a policy to the required app for all users or for a specific group of users.
  • You can click on Edit to change the existing policy on any app.
  • miniOrange Identity Platform Admin Handbook: Edit policy

  • Click on Add Policy. You can also enforce two-factor and adaptive authentication policies for individual.
  • miniOrange Identity Platform Admin Handbook: Add Policy