Entrust Identity as a Service™ Technical Integration Guides
Click here to see this page in full context

Report errors or omissions

  1. Home >
  2. Protect applications with a resource rule >
  3. Create resource rules >
  4. Add a resource rule

Add a resource rule

Building a resource graph involves several steps, depending on the type of resource rule you want to create. If you simply want the most basic resource rule that has Skip Password for first-factor authentication and default second-factor, just add the resource rule and the basic template is configured with these settings.

Note: Before you begin, review the Terminology and Tips section. See Create resource rules.

The following sections describe how to configure elements of a resource rule. Click the + plus symbol to see more details, or click the link to move the applicable page.

Step 1: Add resource rules

You can add resource rules to applications in the following ways:

Add the resource rule when you add the application to IDaaSAdd the resource rule when you add the application to IDaaS

Click > Security > Applications. The Applications List page appears.

Select the application template that you want to add to IDaaS.

Configure the General Settings, Advanced Settings, and Customizations as required.

Click the Resources Rules tab and then click Add Resource Rule.

From the Applications List pageFrom the Applications List page

Click > Security > Applications. The Applications List page appears.

Click the name of the application. The Edit Application page appears.

Click the Resource Rules tab.

Click Add Resource Rule.

From the Resource Rules pageFrom the Resource Rules page

Click >Security > Resource Rules. The Resource Rules page appears.

Click + next to the application you want to protect with a resource rule. The Add Resource Rules page appears with a starting template.

Clone a resource ruleClone a resource rule

Click Security > Resource Rule. The Resource Rules List page appears.

Click and select Clone next to the resource rule you want to clone. The Add Resource Rules page appears.

Give it a new name.

Modify your resource rule as required.

Step 2: Configure the General settings

In the General Settings, enter the name and description for the resource rule, and optionally, configure the Advanced Settings.

Configure the General SettingsConfigure the General Settings

If the General Settings do not appear, click anywhere in the Canvas to display them.

Enter a Name and Description for the resource rule.

Optional. Click Advanced Settings to view advanced settings available for the type of application being protected by the resource rule.

Enable the following Advanced Settings, as applicable and available:

Strict AccessSets the resource rule to deny access regardless of the outcome of other resource rules. If this option is disabled for any resource rule that denies access, the user is allowed access if at least one resource rule allows access.

Single Sign-On—Allows users to bypass reauthentication. When disabled, users are forced to reauthenticate whenever they try a new login.

Bypass second-factor auth for new users—New users not yet found in the resource can bypass second-factor authentication. Existing users must still perform second-factor authentication.

Click Save.

Step 3: Optional. Add Access Controls.

See Add Access Controls.

Step 4: Add Risk Factors

See Add Risk Factors.

Step 5: Configure Risk Evaluation

See Add Risk Evaluation.

Step 6: Save the resource rule

Save the resource ruleSave the resource rule

Click anywhere in the Canvas to display the General Settings.

Click Save.

Note: If Save is not available, there is an error in the resource rule graph. Check the error messages in the Task bar. See  Error messages for more information.