Portal access rules make the login process more secure by specifying conditions under which users should be granted or denied access. They support two-factor authentication, as well as limiting access by IP range, browser, user group, and more.
Go to Security > Policies > Portal Access Rules to see an overview of the portal access rules set up within your organization’s HelloID environment.
The following information is displayed for portal access rules:
The descriptive name of the access rule. The icon indicates whether the access rule denies access (red cross) or permits access (green check mark).
In ascending order, the order in which the access rule is applied when a user logs in. A lower number indicates a higher priority.
- Login Providers
The identity providers (IdPs) to which this access rule applies. Different rules may be set for different IdPs. For example, users authenticating locally may require two-factor authentication, but those authenticating through ADFS may not. If you do not specify an IdP, the rule applies to all IdPs.
- Time Restriction
This field displays the times between which this access rule applies. For example, a rule may only be in effect during normal business hours.
- IP Restriction
The IP address, or IP ranges, to which this access rule applies.
The HelloID user groups to which this access rule applies.
- Two Factor
The method of two-factor authentication that is used, if any.
The browser or platform to which this rule applies. For example, you may want an access rule to apply to users only when they are accessing HelloID via their iOS or Android mobile devices.
Edit or delete existing access rules.
When no portal access rules exist, all users may log in at any time.