Only the password authentication method is configured in the default policy rules. You must edit the policy rules to select the other authentication methods you configured and set the order in which the authentication methods are used for authentication.
Before you begin
Enable and configure the authentication methods that your organization supports. See Integrating Alternative User Authentication Products with Directories Management
- Click the default access policy to edit.
- To open a policy rule page to edit, click the authentication name in the Authentication Method column, or to add a new policy rule, click the + icon.
- Verify that the network range is correct. If adding a new rule, select the network range for this policy rule.
- Select which type of device that this rule manages from the and the user is trying to access content from... drop-down menu.
- Configure the authentication order. In the then the user must authenticate using the following method drop-down menu, select the authentication method to apply first.
To require users to authenticate through two authentication methods, click + and enter a second authentication method.
- (Optional) To configure additional authentication methods if the first authentication fails, select another enabled authentication method from the next drop-down menu.
You can add multiple fallback authentication methods to a rule.
- In the Re-Authenticate after value text box, enter the number of hours after which users must authenticate again.
- (Optional) Create a custom access denied message that displays when user authentication fails. You can use up to 4000 characters, which is about 650 words. If you want to send users to another page, in the Link URL text box, add the URL link. In the Link text text box, enter the text that displays for the link. If you leave this text box blank, the word Continue displays.
- Click Save.
- Click Save.
- Click Save and click Save again on the Policy page.