Access Policies

Access policies are added to AuthPoint groups to specify which resources users in that group can authenticate to and which authentication methods they can use (Push, QR code, and OTP). For each resource, you add an access policy to the groups that can authenticate to access that resource.

You can add multiple access policies to each group (one for each resource).

Assign Access Policies for Resources

Once you have added and configured resources in AuthPoint, you must add access policies for those resources to each group can authenticate to those resources.

To assign access policies, in the AuthPoint management UI:

  1. From the AuthPoint navigation menu, select Groups.
  2. Click the Name of your group.

  1. In the Access Policy section, click Add Policy.

  1. In the Add Policy dialog box, from the Resource drop-down list, select the resource you want to require authentication for.
  2. (Optional) To require that users type their password before they authenticate for this resource, select the Require Password Authentication slider.

  1. Access policies for an Office 365 resource have a Basic Authentication option (also called Enhanced Client or Proxy). Enable the Basic Authentication toggle if you require authentication for a machine or resource that is part of your Office 365 domain but cannot use MFA, such as a printer.

  1. Select which authentication options users in this group can choose from when they authenticate. For more information about authentication methods, see About Authentication.

    For RADIUS client resources, you can only choose OTP or push. RADIUS client resources cannot use the QR code authentication option.

    For SAML resources, if you select more than one authentication option, users must choose one of the available options when they authenticate. For example, if you select OTP and Push users can choose whether to type their OTP or approve a push to authenticate, but you cannot require that they do both.

Screen shot of Access Policy section of the New Group page.

  1. Click Add.
    The Add Policy dialog box closes.
  2. (Optional) Repeat the previous steps to add access policies for additional resources to the group.
  3. Click Save.

Screen shot of Access Policy section of New Group page.

To edit the access policy for a specific resource, click the resource name to open the Edit Policy dialog box. From there, you can change which authentication methods are allowed for the resource and whether a password is required.

See Also

Configure MFA

Add a Group

About Authentication