PingOne

Creating and managing staging policies

To test risk policy changes before putting them into production, you can create a staging policy that is associated with the risk policy that you’re currently using.

About this task

When an evaluation event occurs for the production risk policy, the incoming risk data is also passed through the staging policy affiliated with the production policy, creating two sets of risk evaluation data: one for the production policy and one for its associated staging policy.

Staging policies are set to expire after 3 months, and the expiration date is displayed next to the risk policy name.

When a staging policy expires, incoming risk data is no longer passed through the staging policy for evaluation.

A screen capture of a risk policy with its associated staging policy below it

Go to Threat Protection → Risk Policies:

Steps

  • To create a staging policy, click the More Options (⋮) icon for the policy and select Create staging policy.

    Result:

    A policy editing window opens, and you can make the changes that you want to test.

  • To unlink a staging policy without promoting it to production, click the More Options (⋮) icon and select Unlink.

    Result:

    The link to the associated policy is removed, and the staging policy changes to a regular risk policy.

  • To promote the staging policy to production, click the More Options (⋮) icon for the policy, and select Promote to production.

    Result:

    When you promote a staging policy to production:

    • The settings in the staging policy are copied to production and replace the production policy settings. The policy name and ID remain the same.

    • The staging policy is unlinked from the production policy and remains in the Risk Policies list.

    A staging policy can be promoted to production even if it has expired as long as it is still linked to the production policy.

  • To delete a staging policy, click the More Options (⋮) icon and select Delete.