Add a behavior to a sign-on policy rule
Add a behavior to an existing sign-on policy rule. All of the conditions of the rule in addition to the behaviors must be met to trigger the rule.
Start this task
-
In the Admin Console, go to Security > Authentication.
- Select Sign On.
- Click Edit rule beside the rule to which you want to add a behavior.
- In the And behavior is field, enter the name of an existing behavior that was previously created. Start entering a behavior name and a dropdown list of all matching defined behaviors appears from which you can select a behavior.
- If you add multiple behaviors, they are OR conditions.
- When added, these behaviors are evaluated along with any other items defined in the rule.
- Specify the Allowed condition in the Then access is section.
You can't deny access to users based on behavior conditions. This limitation helps to prevent legitimate users from being locked out of their accounts. They are only denied access if multifactor authentication fails.
- Click Create Rule.
