The default policy is a global policy that is applied to any application in your organization where no application-specific policy is defined. The default policy rules are applied when a user attempts to access the protected application through web access or sign on.
By default, the default policy includes a single default action Authenticate that is applied to a user access request. You can edit the default policy to modify the default action or to include additional rules.
An application- or group-specific policy always overrides the default policy configuration. To configure an application- or group-specific policy, see Configuring an app or group-specific authentication policy.
In the admin portal, go to
.The Default Policy is displayed.
Click the Expand icon ( ), and then click the Pencil
icon ( ).
The Default Policy section displays showing the Default Action rule.
To edit the Default Action rule, click the
Arrow icon to expand the rule.
The Default Action rule determines which authentication action will be performed when no other default policy rule applies.
Select the action you want to apply:
- Approve: Approve access without requiring PingID authentication.
- Authenticate: Allow the user to authenticate using any of the authentication methods available to the user, and allowed at the policy level.
- Allowed Methods: Click Allowed Methods to reveal a list of authentication methods allowed by this policy, and then select the check box of each authentication method that you want to allow for this rule. See Rule authentication actions for description per authentication type.
- Deny: Deny access.
From the Allowed Authentication Methods list, select a
specific authentication method check box.
The options listed are defined by those configured at policy level. For descriptions by authentication type, see Rule authentication actions.
To add and configure one or more rules to replace the Default
- Click + Add Rule.
- Configure one or more of the following rules:
- Configure a company network access rule
- Configure a rule for access from specific countries
- Configure access rule from a new device
- Configure recent authentication from office access rule
- Configure recent authentication access rule
- Configure mobile OS version access rule
- Configuring a recent authentication from company network rule
- Configuring an IP reputation rule (web policy)
- Configuring a geovelocity anomaly rule (web policy)
- Configuring a limit push notifications rule
- Click Save.