Set the Minimum Assurance Level for a Risk-Based Authentication Policy

The minimum assurance level determines the confidence threshold that each authentication attempt must meet for the user to avoid being challenged for identity confirmation. The setting is in the RBA policy for each security domain. Each time a user authenticates, the risk engine evaluates the device match and user behavior in real-time to produce an assurance level. The risk engine compares the user’s assurance level with the minimum assurance level in the RBA policy. If the user’s level is lower than the minimum, the user is prompted for identity confirmation.

Before you begin

Plan how the minimum assurance level is determined. For more information, see Minimum Assurance Level.


  1. In the Security Console, click Authentication > Policies > Risk-Based Authentication Policies > Manage Existing.

  2. Click the policy that you want to configure, and select Edit.

  3. In the Enablement and Assurance Settings section, select the Minimum Assurance Level that you require for successful authentication.

    Note: Changing this setting may affect how often users are prompted to confirm their identity.

  4. Click Save.