Manage application policies
Policies let you control access to an app URL. You can allow or deny access to individual users or groups and configure custom access in advanced configurations.
App policies inherit the original group specified in the app's Essentials tab. Access Gateway checks this group setting before applying an access policy to an app's URI and allows or denies access to the app accordingly. See Application essentials.
This topic describes how to create, configure, edit, and delete Access Gateway app policies.
Start this procedure
- Open the Access Gateway Admin UI console.
- Click the Applications tab.
- Select an app that you want to add, delete, or edit a policy in, and then click Edit (the pencil icon).
- Select the Policies subtab.
- Do one of the following actions:
You can't change or delete the default root (/) policy.
Add a policy
- Click Add (the plus icon) in the policy list header and then select a policy type:
- Protected
- Not Protected
- Protected Rule
- Adaptive
- Custom: To add a custom policy you must select another policy type and then change its type to Custom.
See Policy types for details about each type.
- In Resource Path, enter a unique URI to the resource that you want to protect. Access Gateway doesn't support using the same URL for multiple behaviors or policies.
The custom policy allows you to add a regular expression in Resource Path.
- Optional. Clear the Case Sensitive checkbox to make the URI case-insensitive.
- For the Protected Rule policy: In Resource Matching Rule, enter a Regex expression representing the users that you want to grant access to the resource. See Example Access Gateway policy for examples of expressions.
- Click Okay.
See Application policy precedence for more information on resource paths, policy precedence, general matching, and case-sensitive or insensitive matching.