The last step to reuse an authentication policy in multiple SP connections is to map the authentication policy contract into the applicable SP connections.

Generally speaking, for IdP Browser SSO use cases, if you have selected authentication policy contracts in your authentication policies, you must map the authentication policy contracts to the applicable SP connections.

  1. Select the applicable SP connection from the Identity Provider menu.
  2. On the Activation & Summary screen, click Authentication Source Mapping.
  3. Click Map New Authentication Policy and follow the on-screen instructions to map the authentication policy contract into the SP connection.

Similarly, to reuse an authentication policy for browser-based OAuth authorization code and implicit flows, map the authentication policy contract to the applicable Browser SSO connections and OAuth grant-mapping configuration (see Managing authentication policy contract grant mapping).