You can implement adaptive authentication by user, user group, IP address, Geo location etc. Generally speaking, adaptive authentication is controlled by logon policies.
For the general guide to creating a logon policy, expand the link below
Select "Administration | Policies" on the side panel,
To create a new policy, click the "CREATE" button on the toolbar to open the policy editor window.
In the policy editor, firstly select Logon from the Category drop-down list
Policy Bindings
| Holder: | The policy holder defines the scope of the policy.
|
| Name: | An unique name that describe this policy |
| Applications: | Optionally, you can bind the policy to a specific applicaiton or a list of applications. To specify the application(s), select the field: Apply policy to these applications If the field Apply policy to these applications is left empty, then the policy will be applied to all applications. |
Policy Options
There are 3 authentication options:
- Multi-Factor Authentication is not required for all users
- Multi-Factor Authentication is required for users with tokens only
- Multi-Factor Authentication is required for all user
Multi-Factor Authentication is not required for all users
This option means that all users will be exempted from 2FA or MFA. This option is typically used to exempt a group of users from 2FA or MFA.
Multi-Factor Authentication is required for users with tokens only
This option means that users who have a 2FA/MFA token in their account will be enforced to login with 2FA/MFA, while those users who do not have a token 2FA/MFA token will be exempted from 2FA/MFA in the logon process.
Multi-Factor Authentication is required for all users
This option means that all users will be enforced to login with 2FA/MFA
Please note that users in the context of a policy include users in the scope of the policy only, i.e. the policy holder.