About Conditions

Often when creating Policies, organizations may find it is useful to apply restrictions to the Policy. A common type of restriction is a Condition, which provides the organization with the ability to allow or restrict access based on environmental parameters such as:

• Date & Time: for example, allow weekend activity, restrict access based on time of day, etc.

• IP: allow or restrict based on a preconfigured IP range

• Identity Attribute: allow or restrict access based on an attribute associated to the Identity. For example, all users of a specific department; all users within a specific location (country, city, region, etc.), all users with a specific title.

• Request Attribute: allow or restrict access based on the value of a specific request parameter.

Conditions can be created in:

• On the Assets & Conditions tab of the Authorization Workspace
• During the process of creating a new Policy in the Policy Wizard.