Access Policy Examples

Document created by RSA Information Design and Development on Jul 14, 2016Last modified by RSA Information Design and Development on Oct 20, 2017
Version 20Show Document
  • View in full screen mode

Rule Set Example Using the Trusted Location Attribute

All users from the selected identity source who signed into the application portal can see the application icon in the portal and are evaluated for step-up authentication using the following conditions:

  • Users authenticating with known browsers in a trusted location can open the application without additional authentication.
  • Users authenticating with unknown browsers in a trusted location must authenticate at the Low assurance level.
  • Users who are not in a trusted location and are in the United States must authenticate at the High assurance level.
  • All remaining users are denied access.

Rule Set Example Using the Trusted Network Attribute

All users from the selected identity source who signed into the application portal and match at least one user attribute can see the application icon in the portal. Matching users are evaluated for step-up authentication using the following conditions:

  • Users who are in a Trusted Network can open the application without additional authentication.
  • Users who are not in a Trusted Network and are in Brazil must authenticate at the Low assurance level.
  • Users who are not in a Trusted Network and are in Argentina, Chile, or Colombia must authenticate at the Medium assurance level.
  • All remaining users are denied access.

Rule Set Example Using the Country Attribute

All users from the selected identity source who signed into the application portal can see the application icon in the portal and are evaluated for step-up authentication using the following conditions:

  • Users authenticating from Barbados, Belize, or Dominica cannot open the application.
  • Users authenticating from the United States or from known browsers and were not denied access in the previous condition can open the application without additional authentication.
  • All remaining users who were not denied access in a previous conditions and are authenticating from unknown browsers must authenticate using the High assurance level. This condition is also a fallback method to handle any users whose countries could not be resolved.

 

 

 

You are here
Table of Contents > Access Policies > Access Policy Examples

Attachments

    Outcomes