Enable the Login Risk Score authentication method in the Workspace ONE Access console. You then select the type of authentication action to apply to user' login risk score based on high, medium, or low scores.
You can allow access, require step-up authentication, or deny access. The action associated to the login risk score determines the user experience.
- Allow Access. The user can log in and access policy rules are followed.
- Step-Up Authentication. The user cannot log in with only the credential that was entered. The next authentication method configured in the access policy is presented to the user.
- Deny Access. User cannot log in and no other login option is presented to the user.
Your Workspace ONE Access tenant must be registered with Workspace ONE Intelligence.
- In the Workspace ONE Access console Identity & Access Management > Authentication Methods tab, select Login Risk Score.
- Enable Login Risk Score and configure the authentication action required for low, medium, and high risk scores.
The actions available to select are Allow Access, Step-Up Authentication, Deny Access.
- Click Save.
What to do next
Go the Policies tab and edit the default access policy to add the Login Risk Score authentication method to the policy rules and create the policy rule for the step-up authentication flow if applied to a score. To see an example policy rule configuration with Login Risk Score, see Example Access Policy Using Login Risk Score Authentication in Workspace ONE Access (Cloud Only).