Access policy for OAuth or OIDC

Access policy is used to enable advanced authentication scenarios when performing an OAuth flow.

For details on access policy, see Access policies.

When using access policy for OAuth or OIDC, the consent decision can be made by the access policy.

• Making an OAuth or OIDC consent decision using access policy
  We can use an access policy to prompt the user to enter further information via a web page or redirect the user to another website. This logic could be used to perform the consent step when advanced logic beyond "prompt once", "always prompt", or "never prompt" is required.

Parent topic: OAuth 2.0 and OIDC support