Logon policies can be defined for a user with respect to certain restrictions, schedule and network addresses. You may create multiple policies depending on the level of access you wish to grant. For example, you may want to set up restricted day-based access for remote users or add multi factor authentication. This section will help you define required such logon policy details.
The system provides a Default Logon Policy which can be applied to users added to the system whether they are updated one by one or in bulk. You can update any policy type as a Default Policy. This can be configured only viz Platform Configuration.
Understanding policy parameters
The table below provides details about setting up policies for a user or a group of users while logging into the system and accessing functionalities of the system. Policies can be based on a combination of parameters or just individual parameters. At any point, only one policy can be enforced for a user.
You can not only select the frequency of policy prompts but also set dates from 1-31 on which you would like the policy to be enforced.
You can mark the ‘Any’ checkbox or you may specify a time.
You can mark the ‘Any’ checkbox or you may specify an IP segment from the ranges made available in the drop down list.
You can mark the ‘Any’ checkbox or you may specify an IP segment.
Select the MFA type.
Adding Logon Policy
A New Logon Policy can be configured depending on the restrictions as to the periodic intervals that the policy will have to be triggered. You can define a User Logon Policy within Platform Configuration → under User Management → Logon Policy.
Editing an existing policy
To edit any existing policy parameters, select the edit button next to the policy name and the desired parameter. The system, by default, installs a default policy. This can be toggled to update policy from the Logon Policy Page and update the Default User Logon Policy.
Setting default policy
You can set the policy as default by clicking on any of the 'Set as Default' options, which will automatically convert it into a default policy.