Authentication policies

Authentication policies are workflows that dictate the authentication mechanisms to execute.

The access control policy attached to the resource can be used to determine the authentication policy with which the user must comply to access the resource. For example, the authentication policy can require the user to provide a one-time password value or authenticate with a user name and password Whether or not an authenticated session exists.

Predefined authentication policies are available by default. See Predefined authentication policies. We can create, modify, or delete authentication policies.Attention: We cannot modify or delete predefined authentication policies.

Use an authentication policy as a permit condition of an access control policy.

• Manage authentication policies
  Authentication policies determine the order and conditions in which various authentication mechanisms are used to successfully authenticate a user. We can view, add, modify, and delete authentication policies.
• Create an authentication policy
  Use the Authentication Policy Editor on the appliance local management interface to create and configure an authentication policy.
• Authentication policy parameters and credentials
  When we add or modify an authentication policy, we specify parameters for the authentication mechanism and the attributes that we want in the credential. The credentials are evaluated as part of the access control decision.
• Predefined authentication policies
  Authentication policies are workflows. They specify the authentication mechanisms that are required so the user can access a resource.
• Manage authentication mechanisms
  Authentication mechanisms determine conditions that successfully authenticate a user. We can view, add, modify, and delete authentication mechanisms.

Parent topic: Advanced Access Control administration