App sign-in policies
App sign-in policies define how a user must authenticate to gain access to an app. They verify that the user meets the app's specific requirements, such as group membership, the IP zone they're signing in from, and risk level. If the user meets the requirements of the app sign-in policy, they're granted access to the app.
You can create a unique policy for each app in your org, or create a few policies and share them across multiple apps. You can use Okta preset policies for apps with standard sign-in requirements.
You can also use the Okta account management policy to define authentication requirements when users enroll or unenroll authenticators, recover their passwords, and unlock their accounts.
Topics
- Create an app sign-in policy
- Add an app sign-in policy rule
- Assign apps to an app sign-in policy
- Update an app sign-in policy
- Clone an app sign-in policy
- Modify app sign-in policies for first-party apps
- Preset app sign-in policies
- Merge duplicate policies
- Create device signal collection rules
- Authentication method chain
- Authentication scenarios
- Biometric user verification in app sign-in policies
- Device platform security