You can edit the default access policy to change the policy rules, and you can edit application-specific policies to add or remove applications and to change policy rules.
Before you begin
Configure the appropriate network ranges for your deployment. See Add or Edit a Network Range.
Configure the appropriate authentication methods for your deployment. Configuring User Authentication in VMware Identity Manager.
About this task
You can remove an application-specific access policy at anytime. The default access policy is permanent. You cannot remove the default policy.
- In the administration console Identity & Access Management tab, select .
- Click the policy to edit.
- If this policy applies to Web or desktop applications, click Edit Apps to add or delete applications in this policy.
- In the Policy Rules section, Authentication Method column, select the rule to edit.
The Edit a Policy Rule page appears with the existing configuration displayed.
- To configure the authentication order, in the then the user must authenticate using the following method drop-down menu, select the authentication method to apply first.
- (Optional) To configure a fallback authentication method if the first authentication fails, select another enabled authentication method from the next drop-down menu.
You can add multiple fallback authentication methods to a rule.
- Click Save and click Save again on the Policy page.
The edited policy rule takes effect immediately.
What to do next
If the policy is an application-specific access policy, you can also apply the policy to applications from the Catalog page. See Add a Web or Desktop Application-Specific Policy