Managing Conditions

  • Updated on Nov 24, 2024
  • Published on May 17, 2023
  • 2 minute(s) read
Prev Next

Creating a Condition

Note

You can create a Condition, as detailed below, in the Authorization Workspace or while creating a new Policy using the Policy Wizard in the WHEN step.

To create a Condition:

  1. In the Authorization Workspace, select the Assets & Conditions tab.
  2. In the Conditions section, click New Conditions. The New Condition screen is displayed.
  3. Enter the Name of the new Condition. It is recommended that you use a meaningful name to help others understand its purpose.
  4. Enter a Description for the Condition (optional).
  5. Select the Type of Condition to be created. Options are:
    • Date & Time
    • IP
    • Identity Attribute
    • Request Attribute
  6. In the Define Condition Rules section, enter the required information (see below).
  7. Click Create. The Condition is created, and the Condition Details screen is displayed. The Condition is listed in the Conditions area of the Authorization Workspace.

About Date & Time Conditions

When defining a Date & Time Condition, you can specify the following options:

  • Months: Options include All, a single month, or any combination of specific months of the year.
  • Days: Options include All, a single day, or any combination of specific days of the week.
  • Time: Options include All Day (24 hours), or you can deselect All Day and specify a start and end time, along with the appropriate time zone.
  • Starting Date/Ending Date: You can specify a start and end date for when the Condition is active, or just a start date or end date.

You can use the OR option to specify another Time & Date range, creating a more complex rule.

About IP Conditions

When defining an IP Condition, you can specify the following options:

  1. Access Type: Options are Allow or Restrict.
  2. IP Range: Specify a valid CIDR IP range.

About Identity Attribute Conditions

When defining an Identity Attribute Condition, you can specify one or more rules:

  1. Select an Identity Attribute from the drop-down list. The Type field (Numeric or String) is populated automatically.
  2. Select the appropriate operator: Equals, Not Equals, Greater than, Less than, In, or Not In.
  3. Enter a value.
  4. To add another rule, click And or OR and define the elements of the rule again.

About Request Attribute Conditions

When defining a Request Attribute Condition, you can specify one or more rules. A Request Attribute is an external parameter sent through the Request that factors into the Policy at run time:

  1. Select a Request Attribute from the drop-down list.
  2. Configure the Type field (Numeric or String) of the Attribute value.
  3. Select the appropriate operator: Equals, Not Equals, Greater than, or Less than.
  4. Enter a value.
  5. To add another rule, click And or OR and define the rule elements again.