The Directories Management policies are a set of rules that specify criteria that must be met for users to access their app portal or to launch specified Web applications.

You create the rule as part of a policy. Each rule in a policy can specify the following information.

  • The network range, where users are allowed to log in from, such as inside or outside the enterprise network.

  • The device type that can access through this policy.

  • The order that the enabled authentication methods are applied.

  • The number of hours the authentication is valid.

  • Custom access denied message.


The policies do not control the length of time that a Web application session lasts. They control the amount of time that users have to launch a Web application.

The Directories Management service includes a default policy that you can edit. This policy controls access to the service as a whole. See Applying the Default Access Policy. To control access to specific Web applications, you can create additional policies. If you do not apply a policy to a Web application, the default policy applies.