--- title: Configuring a flow policy description: Configure flow policies to control which flows and flow versions are displayed for users. component: davinci page_id: davinci:applications:davinci_configuring_a_flow_policy canonical_url: http://docs.pingidentity.com/davinci/applications/davinci_configuring_a_flow_policy.html revdate: May 6, 2024 section_ids: steps: Steps result: Result: --- # Configuring a flow policy Configure flow policies to control which flows and flow versions are displayed for users. ## Steps 1. On the **Applications** tab, browse or search for the application and click **Edit**. 2. On the **Flow Policy** tab, click **+ Add Flow Policy**. 3. In the **Policy Name** field, enter a name for the flow policy. 4. Select **PingOne Flow Policy** to enable flows in the policy to be launched directly through PingOne. This option cannot be changed after the flow policy is created. PingOne flow policies can only include flows and flow versions that have the **PingOne Flow** setting enabled. 5. (Optional) If the flow policy is a PingOne flow policy, select one or more options for bypassing the flow if an existing session is found. This option is useful if you want to avoid unnecessary flow executions for users who already have a session. The **PingOne Authentication - Return Success** node includes the appropriate session options. 1. Select **Password Based Authentication** to bypass the flow if a password-based session exists, and select **MFA Based Authentication** to bypass the flow if an MFA-based session exists. | | | | - | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | If you select both **Password Based Authentication** and **MFA Based Authentication**, the user's session must have both authentication method reference values for the flow to be bypassed. | 2. For each selected authentication method, provide a time range by entering a number and selecting minutes, hours, or days. The flow is only bypassed if the existing session was created within the time range you select. 6. Click **Next**. 7. Add one or more flows to the policy: 1. In the **Flows** section, select a flow. 2. In the **Version** section, select one or more versions of the flow to use. The **Latest Version** option always uses the latest version. 3. (Optional) Repeat the previous steps to add additional flows. 8. Click **Next**. ### Result: The **Edit Your Weight Distribution** modal opens. 9. Add weight distribution and analytics information for each flow and flow version: 1. In the **Distribution** field for each flow version, enter or select a distribution weight from 1 - 100. When a flow policy with more than one flow is invoked, the flow policy selects a flow to run, using the distribution weight for each flow as the percent chance of its selection. You can use this feature to A/B test flows or flow versions. 2. (Optional) Click **Add IP Whitelist**, then enter one or more IP addresses in the **Whitelist IP** field. | | | | - | -------------------------------------------------------------------------------------------------------------------- | | | If a request comes from an IP address on the allow list, the weight is ignored, and the specified flow is triggered. | 3. (Optional) In the **Analytics - Select Success Nodes** list, select one or more nodes that, when run, indicate that the flow run was successful. This information is used to calculate the flow policy's success rate. 10. Click **Create Flow Policy**. 11. Click the **General** tab, then click **Apply**.