Authentication policies

Every app in your org has an authentication policy. The authentication policy verifies that users who try to sign in to the app meet specific conditions, and it enforces factor requirements based on those conditions.

Authentication policies share some conditions with global session policies, but they serve different purposes. A user who gains access to Okta through the global session policy doesn't automatically have access to their apps. You can create a unique policy for each app in your org, or create a few policies and share them across multiple apps. You can also use Okta preset policies for apps with standard sign-on requirements. If you decide later to change an app’s sign-on requirements, you can modify its policy or switch to a different policy.