PingOne

Adding a policy or policy set

Add PingOne Authorize policies to define the circumstances under which users can access certain resources.

About this task

It’s helpful to frame your policies in terms of what is permitted or denied.

Use policy sets to group policies and organize them hierarchically.

Steps

  1. Go to Authorization > Policies.

  2. Click the icon and select one of the following:

    Choose from:

    • Add Policy Set: Add policy sets to logically group policies and other policy sets.

    • Add Policy: Add policies to logically group rules and other policies.

  3. In the Name field, enter a name relevant to the business rule that you are modeling.

    The red dot on the right indicates that the policy or policy set contains unsaved changes.

    Screen capture of the policy name showing the red dot indicating unsaved changes.
  4. In Applies When, add targets to define when the policy is applied in decision requests.

    You cannot copy Applies When conditions for reuse in other policies or rules.

  5. Add rules, conditions, and statements.

    Use the hamburger menu next to the rule Name field to add Applies When conditions and statements to rules.

  6. Optional: Select the Disable check box to disable your policy or policy set.

    If you disable the policy, the decision engine skips it in evaluation and produces a Not Applicable decision.

    You can also disable rules. If a rule is unreachable because of the rule structure and combining algorithm, disabling that rule has no effect on the final decision.

  7. Click Save changes.

    To copy a policy or rule for reuse, select Make Copy from the hamburger menu of that policy element. You cannot make copies of policy sets.

    If you copy policies containing Library rules or statements, those Library elements are reused in the new policy, not copied. For example, if you copy a policy that contains a custom rule, which in turn contains a Library statement, the rule is copied but the statement is reused.