Create Policies

STARTERTEAMENTERPRISE

Policies are what grant users access to Resources.

To define a Policy, go to Policies -> Add Policy.

Policies define a single Group's access to a single Resource.

Note: To preserve audit trails, Policy details cannot be changed once a Policy is created. Double-check to ensure the Group, Resource, and/or conditions are correct before creating the Policy.

On Team and higher plans, you may restrict access further based on the below conditions.

Client location

Client location

Restrict access only to Clients connecting from specific countries. When this is specified, the Client's IP address will be used to lookup the country of origin.

Client IP address or CIDR

Client IP address or CIDR

Restrict access to a specific IP address or range of Client IP addresses.

Identity provider

Identity provider

Restrict access based on the authentication provider that was used to authenticate the Client.

Time of day

Time of day

Restrict access to certain time windows throughout the week based on the 24hr time and specified time zone.

The time zone determines the offset used when determining whether to allow access for a particular Client. For example, if you specify a time window of 08:00-17:00 and time zone of Eastern, Clients in the Pacific timezone 3 hours behind will be allowed access from 05:00-14:00 Eastern time.


Need additional help?

See all support options or try asking on one of our community-powered support channels:

Or try searching the docs:
Found a problem with this page? Open an issue
Last updated: August 02, 2024