The country location is determined by the IP address of the accessing device and not by the IP address of the authentication device.

  1. From within the relevant policy, click + Add Rule and from the Conditions list, select Accessing from countries.
    A screen capture of the + Add Rule button and list.
  2. From the Action list:
    • Authenticate: Allows a user to authenticate using any of the authentication methods allowed at the policy level.

      If more than one authentication method is available, the method initiated by default is the method most recently paired by the user that is authenticating.

    • Deny: Denies access.
    • Select a specific authentication method. The options listed are defined by those configured at policy level. For a description of each authentication type, see Rule authentication actions.

    A screen capture of the Accessing from countries rule wizard displaying the Action and Countries configuration.
  3. From the Countries list, select the check box of each country to which you want the policy to apply.
    Search bar Use to search for a specific country, enter the country name or part of the name. Only countries whose name contains that string are displayed.
    Show Only Selected Use to show only the countries you have selected.
    Select All Use to select all countries.
  4. If you have more than one rule listed, from the Rules list, click and drag the new rule and place it in the order you want it to be considered. Click Save Order.
  5. Click Save.
To ensure the policy is applied to your organization, go to PingID > Configuration and ensure Enforce Policy is set to Enabled.