Risk-Based Authentication Message Policy
The risk-based authentication (RBA) message policy defines the message that users see when they are prompted to configure their identity confirmation method. You might use this message to inform users about why they need to configure an identity confirmation method. This message displays when all of the following conditions exist:
The user authenticates to a web-based application, such as an SSL-VPN, thin client, or web portal.
The user has not configured an identity confirmation method.
The user attempts to authenticate using a high assurance device.
You can assign an RBA message policy to any security domain. A deployment can have multiple RBA message policies, which you assign by editing the security domain. Security domains use the deployment’s default RBA message policy until you assign a different RBA message policy.
Related Tasks
Add a Risk-Based Authentication Message Policy
Edit a Risk-Based Authentication Message Policy
Delete a Risk-Based Authentication Message Policy
Duplicate a Risk-Based Authentication Message Policy
Change the Default Risk-Based Authentication Message Policy
Assign a Risk-Based Authentication Message Policy to a Security Domain
Related Articles
Change the Default Risk-Based Authentication Message Policy Number of Views Duplicate a Risk-Based Authentication Message Policy Number of Views Add a Risk-Based Authentication Message Policy Number of Views Delete a Risk-Based Authentication Message Policy Number of Views Edit a Risk-Based Authentication Message Policy Number of Views
Trending Articles
An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process
