The authentication policy is a combination of rules that are to be matched and their corresponding actions. The rules can be configured to match for client IP, host header, or path match.
Configuring Authentication Rule screen
In the AUTHENTICATION RULE screen, click Add.
Navigate to
.Click Add.
In the Authentication Rule screen, enter Name of the rule.
Ensure the option Enable Rule is toggled on to apply the rule.
Click Add and select the required option as the Match criterion.
Client IP Address
Path
Host Header
Criteria |
Description |
Configuration |
---|---|---|
Client IP Address |
The client IP address of incoming requests will be matched with the rules configured. If a match is found for the client IP, the corresponding rule gets executed. |
|
The client IP match can be the client IP address, address range, IP prefixes, or an IP group. |
2. Click Select from Available and select the IP group from the drop-down menu available or Select Enter Custom Value and manually enter the IP Address. |
|
Add Host Header |
The host header is matched from the configured list of the host header values. Host header can be configured to be case sensitive aware. |
1. Select a Match Criteria from the drop down list. For example, Begins with. 2. Enter a string value to match with the criterion defined, for example, abc. |
Path |
The path match is matched based on the string group or list of the string values of the path. The path match can be configured to be case sensitive aware. |
1. Select a Match Criteria from the drop down list. For example, Begins with. |
2. Click Select from Available and select the string group from the drop-down menu. Or Select Enter Custom Value and manually enter the String Group. |
7. Configure the Action to be executed. Currently the following two actions are supported:
- Skip Authentication
-
To skip authentication if any one of the rules is matched
- Default Authentication
-
To use SAML authentication if any one of the rules is matched.
8. Click Save.
Viewing the Authentication Rule
From the SSO policy, click the arrow against the required rule.
The rule configuration is displayed as shown below: