Use Location Filter in Pre Authentication Context
Use the location filter criteria created in the Pre Authentication Context.
始める前に
Role required: adaptive_auth_admin
Plugin required: Zero Trust - Location Based Access (com.snc.zero_trust_location_access).
Create a Location Filter with the countries that you want restrict access to the users based on the location. For more information, see Create Location filter criteria.
手順
-
Navigate to .
When a policy is chosen in the pre authentication policy context:
- Selecting the Deny access policy as the default policy allows the access to all users by default and only denies access when the policy conditions defined in the deny access policy evaluate to true.
- Selecting the Allow access policy as the default policy denies the access to all users by default and only allows access when the policy conditions defined in the allow access policy evaluates to true.
The example shows how you can restrict the logins from the specified locations. You can choose the Deny Access and the associated policy (Deny Access) as the Pre Authentication policy and specify the policy inputs and conditions.
-
In the Deny Access Policy, under the Policy Inputs section, select New.
-
Add the Location Filter input and Save.
For example, APAC Region.
The filter is added as Policy Inputs.
-
In the Conditions page, provide the label, conditions, and set it to true.
注:
- In this example, the selection of true as a condition implies that the user logging from the configured regions won’t be able to log in to the instance.
- If the condition is set to false, then only users from configured regions are able to log in to the instance and the other users won’t be able to log in to the instance.