Updating a Sign-On Policy
Update a sign-on policy in an identity domain in IAM.
You can make the following changes to a sign-on policy:
-
Edit the name or description of the policy
-
Add, remove, edit, or change the priority of sign-on rules for the policy
-
Add or remove apps for the policy
To modify a sign-on policy, follow these steps:
-
To add, remove, edit, or change the priority of sign-on rules for the policy,
under Resources, click Sign-on
rules.
- To add a rule to the policy, click Add sign-on rule and provide the required values. For a description of the fields, see Adding a Rule to a Sign-On Policy.
- To edit a rule, click the Actions menu (
) for the rule and
select Edit sign-on rule. Make your edits. For a description of the
fields, see Adding a Rule to a Sign-On Policy. - To remove a rule, select the checkbox for the rule in the table, click Remove sign-on rule, and then confirm the deletion.
-
To change the priority of the rules, click Edit priority and then click the up or down arrow next to the rule to move it to the position in the listed order that you want the rule applied.
For example, if the sign-on rule is currently listed fourth, and you want the identity domain to evaluate it first, click the up arrow next to the rule until it is at the top of the list. That sign-on rule now has a priority of 1, and the rule that was listed first now has a priority of 2.