Use the location filter criteria created in Session Access to reduce roles based on the location of the user.
시작하기 전에
Role required: adaptive_auth_admin
Plugin required: Zero Trust - Location Based Access (com.snc.zero_trust_location_access).
The following procedure describes on how to create a Location Filter with the countries that you want to remove or limit roles to the users based on the location.
프로시저
-
Navigate to .
-
To create a session access role configuration, select New.
-
On the form, fill the fields:
표 1. Session Access Role Configuration
| Field |
Description |
| Name |
Name of the configuration |
| Description |
Short description of the configuration. |
| Policy |
Choose the access policy. Use the look-up icon to view the list of policy.주: You must add the location filter input and conditions by opening the policy record. |
| Action |
Remove Roles or Limit to Roles.
- Remove Roles: When the configured user logged in, the list of roles provided in the Role or Group List are removed for the logged-in session.
- Limit To Roles: When the configured user logged in only the selected roles is provided to the user and all the other roles are removed for the logged-in session.
|
| Role List |
Choose the role from the Role List. |
| Group List |
Choose the role from the Group List. |
-
Select, Submit.
The login for users based on the configured countries is as follows:
- If Remove Roles, the users from the configured countries in the location filter will be removed with the roles configured for the session.
- If Limit To Roles, the users from the configured countries in the location filter has only the roles that are configured for the session.
To know more about how to remove or limit roles for a session, see Tutorial: Use Zero Trust Access.