Portal access rules allow HelloID Administrators to make their login processes more secure. This can be done by enabling two-factor authentication, and by limiting access from certain IP ranges, browsers, groups of users, and more.
Navigate to Security > Policies > Portal Access Rules to see an overview of the portal access rules set up within your organization’s HelloID environment.
When no portal access rules are added, a default rule will apply that allows all users from any location to log in at any time.
The following information is displayed for portal access rules:
The descriptive name of the access rule. This can be edited from the Actions menu. The icon indicates whether the access rule denies access (red cross) or permits access (green check mark).
- Login Providers
This field displays the login providers to which this access rule applies. Different rules may be set for different identity providers (IdP). For example, users authenticating locally may require two-factor authentication, but those authenticating through ADFS do not. If you do not specify an IdP, the rule will apply to everyone.
- Time Restriction
This field displays the times between which this access rule applies. For example, a rule may only be in effect during normal business hours.
- IP Restriction
This field displays the IP address, or IP ranges to which this access rule applies. For example, you may grant or deny access to an entire range of IP addresses for security purposes.
This field displays the HelloID user groups to which this access rule applies. Members of these groups will be subject to this access policy upon login.
- Two Factor
This field displays the method of two-factor authentication that is used, if any.
This field displays the browser or platform to which this rule applies. For example, you may want an access rule to apply to users only when they are accessing HelloID via their iOS or Android mobile devices.
Use the options here to edit or delete the existing access rules.