Policies model business requirements into authorization logic. They're built by business analysts who understand your application requirements and the regulations you’re complying with.

Let’s add a policy that will deny payments over $10,000 USD.

  1. Go to Authorization > Policies.

    On the Policies tab, you'll see the default policy set called Policies. Policy sets are like folders that you can use to group and organize policies. You’re going to add your policy to the default policy set.

    Screen capture of the Policies policy set on the Policies tab.
  2. Select the root policy set Policies, then click the + icon and select Add Policy.
  3. For the policy Name, enter Payment checks.

    The red dot on the right indicates that there are unsaved changes in the policy.

    Screen capture of the policy name showing the red dot indicating unsaved changes.

    Now you need a rule that defines the policy logic.

  4. Click + Add Rule.

    To keep things simple, leave out the description for now. When you develop your own policies, you can enter a description to document the underlying business case for the rule or the specific business policy the rule is enforcing.

  5. For the rule Name, enter Deny payments over 10000 USD.
  6. Because you want to deny certain payments, select Deny for the Effect.

    Let’s make a comparison to determine if the payment amount is over $10,000 USD.

  7. Click the hamburger menu next to the Name field and select Add "Applies When".
    1. In the Applies When section, click + Comparison.
    2. In Select an attribute, select Amount, which is the attribute that you added to the Trust Framework.
    3. For the comparator, select Greater Than Or Equal.
    4. For the constant value, enter 10000.

    Your rule looks like this.

    Screen capture of the Deny payments over 10000 USD rule showing the comparison to determine if the payment amount is over 10000.
  8. Click Save changes.

    Your new policy is displayed in the default policy set.

    Screen capture of the Payment checks policy nested under the default Policies policy set.