Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Device assurance policy: update policies concept doc #5259

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
+13 −1
Open

Device assurance policy: update policies concept doc #5259

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 13 additions & 1 deletion packages/@okta/vuepress-site/docs/concepts/policies/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ The [`system` attribute](https://developer.okta.com/docs/api/openapi/okta-manage

## Policy types

You can configure policies for sign-on, passwords, enrollment, and API access. You can also use identity provider (IdP) discovery policies to create routing rules.
You can configure policies for sign-on, passwords, enrollment, device assurance, and API access. You can also use identity provider (IdP) discovery policies to create routing rules.

### Sign-on policies

Expand All @@ -99,6 +99,18 @@ You can create an authentication policy specifically for the app or create a few

Use the [Authentication Policies page](https://help.okta.com/okta_help.htm?type=oie&id=ext-create-auth-policy) to modify an app's sign-on policy or switch to a different policy. See [Configure a global session policy and an authentication policy](/docs/guides/configure-signon-policy/main/). Also, you can [merge duplicate authentication policies with identical rules](https://help.okta.com/okta_help.htm?type=oie&id=ext-merge-auth-policies) to simplify policy management.

#### Device assurance policies

Use [device assurance policies](https://developer.okta.com/docs/api/openapi/okta-management/management/tag/DeviceAssurance/) to check sets of security-related device atributes. Device assurance works as part of your [authentication policies](#authentication-policies).

For example, you can configure a device assurance policy to check whether a specific operating system version is installed on a device. Once verified, that device can be used to access Okta-protected resources.

After you add at least one device assurance policy, you can include it in authentication policy rules. You can't apply device assurance policies to users, groups, or devices until you make them part of an authentication policy rule.

<!-- See [Configure a device assurance policy]() for more details. -->

See [Device assurance](https://help.okta.com/okta_help.htm?type=oie&id=ext-device-assurance) for details about configuring the policy in the Admin Console.

##### Okta account management policy

<ApiLifecycle access="ie" />
Expand Down