Adding a policy or policy set - PingOne - PingOne Services - PingOne Authorize - PingOne Cloud Platform

PingOne Cloud Platform
bundle
pingone
ft:publication_title
PingOne Cloud Platform
Product_Version_ce
PingOne
PingOne Cloud Platform
category
Administratorguide
ContentType
Guide
Product
Productdocumentation
p1
p1cloudplatform
ContentType_ce
Guide
Guide > Administrator Guide
Product documentation

Add PingOne Authorize policies to define the circumstances under which users can access certain resources.

It’s helpful to frame your policies in terms of what is permitted or denied.

Use policy sets to group policies and organize them hierarchically.

  1. Go to Authorization > Policies.
  2. Click the + icon and select one of the following:
    • Add Policy Set

      Add policy sets to logically group policies and other policy sets.

    • Add Policy

      Add policies to logically group rules and other policies.

  3. In the Name field, enter a name relevant to the business rule that you are modeling.
    Note:

    The red dot on the right indicates that the policy or policy set contains unsaved changes.


    Screen capture of the policy name showing the red dot indicating unsaved changes.
  4. In Applies When, add targets to define when the policy is applied in decision requests.
    Note:

    You cannot copy Applies When conditions for reuse in other policies or rules.

  5. Add rules, conditions, and statements.
    Note:

    Use the hamburger menu next to the rule Name field to add Applies When conditions and statements to rules.

  6. Optional: Select the Disable check box to disable your policy or policy set.
    If you disable the policy, the decision engine skips it in evaluation and produces a Not Applicable decision.
    Note:

    You can also disable rules. If a rule is unreachable because of the rule structure and combining algorithm, disabling that rule has no effect on the final decision.

  7. Click Save changes.
    Note:

    To copy a policy or rule for reuse, select Make Copy from the hamburger menu of that policy element. You cannot make copies of policy sets.

    If you copy policies containing Library rules or statements, those Library elements are reused in the new policy, not copied. For example, if you copy a policy that contains a custom rule, which in turn contains a Library statement, the rule is copied but the statement is reused.