---
title: Adding time range rules
description: Add a time range rule, which examines a request and determines whether to grant access to a backend target site based on the request falling within a defined time frame.
component: pingaccess
version: 9.0
page_id: pingaccess:pingaccess_user_interface_reference_guide:pa_adding_time_range_rules
canonical_url: https://docs.pingidentity.com/pingaccess/9.0/pingaccess_user_interface_reference_guide/pa_adding_time_range_rules.html
revdate: February 13, 2023
section_ids:
  about-this-task: About this task
  steps: Steps
  choose-from: Choose from:
---

# Adding time range rules

Add a time range rule, which examines a request and determines whether to grant access to a backend target site based on the request falling within a defined time frame.

## About this task

You can use this rule when you want to restrict access to specific endpoints for certain time periods, such as during the work day from 8:00 a.m. to 5:00 p.m.

## Steps

1. Click **Access**, then go to **Rules > Rules**.

2. Click **[icon: plus, set=fa]Add Rule**.

3. In the **Name** field, enter a unique name up to 64 characters long.

   Special characters and spaces are allowed.

4. From the **Type** list, select **Time Range**.

5. In the **Start Time** field, enter the beginning time for the time frame, such as 8:00 a.m.

6. In the **End Time** field, enter the ending time for the time frame, such as 5:00 p.m.

   |   |                                                                                                                            |
   | - | -------------------------------------------------------------------------------------------------------------------------- |
   |   | If you are using Internet Explorer or Firefox, you must enter the time in 24-hour format. For example, 5:00 p.m. is 17:00. |

7. If access is not allowed when a match is found, select the **Negate** check box.

8. To configure rejection handling, click **Show Advanced Settings**, then select a rejection handling method.

   ### Choose from:

   * If you select **Default**, use the **Rejection Handler** list to select an existing [rejection handler](pa_rejection_handlers.html) that defines whether to display an error template or redirect to a URL.

   * If you select **Basic**, you can customize an error message to display as part of the default error page rendered in the end user's browser if rule evaluation fails. This page is among the templates you can modify with your own branding or other information. If you select **Basic**, provide the following:

     1. In the **Error Response Code** field, enter the HTTP status response code to send if rule evaluation fails.

        The default is `403`.

     2. In the **Error Response Status Message** field, enter the HTTP status response message to send if rule evaluation fails.

        The default is `Forbidden`.

     3. In the **Error Response Template File** field, enter the HTML template page for customizing the error message that displays if rule evaluation fails. This template file is located in the `<PA_HOME>/conf/template/` directory.

     4. From the **Error Response Content Type** list, select the type of content for the error response.

        This lets the client properly display the response.

9. Click **Save**.