--- title: Configuring an access from specific countries rule (web policy) description: Define which authentication action to prompt the user with on the machine used for web access, according to country. component: pingid page_id: pingid:pingid_service_management:pid_configuring_access_from_specific_countries_rule_web_policy canonical_url: http://docs.pingidentity.com/pingid/pingid_service_management/pid_configuring_access_from_specific_countries_rule_web_policy.html revdate: January 27, 2024 section_ids: about-this-task: About this task steps: Steps result: Result: choose-from: Choose from: next-steps: Next steps --- # Configuring an access from specific countries rule (web policy) Define which authentication action to prompt the user with on the machine used for web access, according to country. ## About this task | | | | - | --------------------------------------------------------------------------------------------------------- | | | The country is determined by the IP address of the accessing device and not by the authenticating device. | ## Steps 1. From within the relevant policy, click**[icon: plus, set=fa] Add Rule** and from the list, select **Accessing From Countries**. ![A screen capture of the Rules section with the + Add Rule list displayed.](_images/uxv1564020575238.png) ### Result: The **Accessing From Countries** rule wizard opens. 2. From the **Action** list, select the action to use when signing on in the selected countries. ### Choose from: * **Deny** (default): Deny access for authentication requests originating from the selected countries. * **Authenticate**: Allow the user to authenticate using any of the authentication methods allowed at the policy level. * **Allowed Methods**: Click **Allowed Methods** to reveal a list of authentication methods allowed by this policy, and then select the check box of each authentication method that you want to allow for this rule. See [Rule authentication actions](pid_rule_auth_actions.html) for description per authentication type. 3. From the **Countries** list, select the check box next to each country that you want to include in the rule. ![A screen capture of the Accessing From Countries section with the Countries list displayed and an active country search of "united".](_images/poy1564020575850.png) | Action | Description | | -------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | Search by name | In the **Search** box, enter a string or part of a string to search for a specific country. The list of countries is filtered to display only countries containing the string. | | View only the selected countries | Click **Show Only Selected**. | | Select all countries in the list | Click **Select All**. | | Clear all selections | Click **Unselect All**. | 4. Click **Save**. 5. If you have more than one policy listed, in the **Policy** list, click and drag the new policy and place it in the order in which you want it to be considered. Click **Save Order**. ## Next steps To ensure the policy is applied to your organization, go to **PingID → Configuration** and ensure **Enforce Policy** is set to **Enabled**.