Set the Minimum Assurance Level for a Risk-Based Authentication Policy
The minimum assurance level determines the confidence threshold that each authentication attempt must meet for the user to avoid being challenged for identity confirmation. The setting is in the RBA policy for each security domain. Each time a user authenticates, the risk engine evaluates the device match and user behavior in real-time to produce an assurance level. The risk engine compares the user’s assurance level with the minimum assurance level in the RBA policy. If the user’s level is lower than the minimum, the user is prompted for identity confirmation.
Before you begin
Plan how the minimum assurance level is determined. For more information, see Minimum Assurance Level.
Procedure
In the Security Console, click Authentication > Policies > Risk-Based Authentication Policies > Manage Existing.
Click the policy that you want to configure, and select Edit.
In the Enablement and Assurance Settings section, select the Minimum Assurance Level that you require for successful authentication.
Note: Changing this setting may affect how often users are prompted to confirm their identity.
Click Save.
Related Concepts
Related Articles
Configure Assurance Levels Number of Views Assurance Levels Number of Views Specify the Default RADIUS Profile Number of Views Simplify Identity Access and Assurance Decisions on AWS with RSA SecurID and Session Tags Number of Views Evaluating Assurance Levels and Primary Authentication Status to Return Authentication Methods Number of Views
Trending Articles
RSA Authentication Manager Upgrade Process RSA Release Notes for RSA Authentication Manager 8.8 RSA RADIUS Server service failed to start in the RSA Authentication Manager 8.1 Operations Console Microsoft Entra ID External MFA - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide RSA Release Notes: Cloud Access Service and RSA Authenticators
