ResourceRule
A ResourceRule defines the information returned about a resource rule. A resource rule is used to determine what authentication is used to authenticate to the specified resource (aka application).
Properties
Name | Type | Description | Notes |
---|---|---|---|
api_version | int | The resource rules API version used to create or last update this resource rule. If the resource rule is at version 2, then it cannot be updated using a version 1 API. | [optional] [readonly] |
date_time_context | DateTimeContext | [optional] | |
description | str | The description of the resource rule. | [optional] |
device_certificate_context | DeviceCertificateContext | [optional] | |
disable_sso | bool | A flag indicating if single-sign on is disabled for this resource rule. | |
enabled | bool | A flag indicating if this resource rule is enabled or not. Only enabled resource rules are considered during authentication. | [optional] |
groups | List[Group] | The groups associated with this resource rule. The resource rule only applies to users in one of the specified groups. A resource rule must specify at least one group which can be the default All Groups if you want the resource rule to apply to all users. | |
high_risk_authentication_flow | AuthenticationFlow | [optional] | |
high_risk_enable_smart_login | bool | A flag indicating if Smart Login is enabled for High risk. This parameter is deprecated, use the highRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
high_risk_first_step | str | The authenticator type to use in the first step of a two-step authentication scenario when the risk score is High. This parameter is deprecated, use the highRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
high_risk_second_step | List[str] | The authenticator type to use during in the second step of a two-step authentication scenario when the risk score is High. This parameter is deprecated, use the highRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
id | str | The unique UUID assigned to the resource rule when it is created. | [optional] |
ip_context | IpContext | [optional] | |
kba_context | KbaContext | [optional] | |
location_context | LocationContext | [optional] | |
location_history_context | LocationHistoryContext | [optional] | |
low_risk_authentication_flow | AuthenticationFlow | [optional] | |
low_risk_enable_smart_login | bool | A flag indicating if Smart Login is enabled for Low risk. This parameter is deprecated, use the lowRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
low_risk_first_step | str | The authenticator type to use in the first step of a two-step authentication scenario when the risk score is Low. This parameter is deprecated, use the lowRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
low_risk_second_step | List[str] | The authenticator type to use during in the second step of a two-step authentication scenario when the risk score is Low. This parameter is deprecated, use the lowRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
low_risk_threshold | int | Risk scores below this value are considered Low risk. | [optional] |
machine_context | MachineContext | [optional] | |
medium_risk_authentication_flow | AuthenticationFlow | [optional] | |
medium_risk_enable_smart_login | bool | A flag indicating if Smart Login is enabled for Medium risk. This parameter is deprecated, use the mediumRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
medium_risk_first_step | str | The authenticator type to use in the first step of a two-step authentication scenario when the risk score is Medium. This parameter is deprecated, use the mediumRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
medium_risk_second_step | List[str] | The authenticator type to use during in the second step of a two-step authentication scenario when the risk score is Medium. This parameter is deprecated, use the mediumRiskAuthenticationFlow attribute with v2 APIs. | [optional] |
medium_risk_threshold | int | Risk scores below this value are considered Medium risk. Risk scores equal or greater than this value are considered High risk. | [optional] |
name | str | The name of the resource rule. | |
resource_id | str | The UUID of the resource to which this resource rule is assigned. | [optional] |
resource_name | str | The name of the resource to which this resource rule is assigned. | [optional] |
risk_engine_contexts | List[TransactionContext] | If risk engine rules are defined, the transaction contexts specify the levels at which risk is applied to the authentication request if the corresponding risk engine rules trigger risk. | [optional] |
skip_second_factor_if_user_not_exist | bool | A flag indicating if second factor can be skipped if the user does not exist and the first factor is EXTERNAL. | |
strict_access | bool | A flag indicating if this resource rule enforces strict access. Strict access means that if this rule denies access, the user is denied access even if other resource rules allow access. | |
system_resource_context | bool | A flag indicating if this resource rule is associated with a system resource including the Admin and User portals. A resource rule for a system resource cannot be deleted. They can only be disabled if there is at least one enabled resource rule for the resource. | [optional] |
transaction_contexts | List[TransactionContext] | If transaction details are specified during an authentication request, the transaction contexts specify the levels at which risk is applied to the authentication request if the corresponding transaction rules trigger risk. A maximum of two are allowed. | [optional] |
travel_velocity_context | TravelVelocityContext | [optional] |