Add an authentication policy for the first time users use a browser
- On the menu bar, clickPolicies and profiles. ClickBlackBerry Enterprise Identitybelow Managed devices.
- In theAuthentication policiespane, clickAdd a policy.
- Enter a name and description for the authentication policy.
- In theMinimum authentication leveldrop-down list, select Level 1.This level corresponds to the Enterprise password authenticator ranking that you set in the previous task. If you save this policy without adding a risk scenario and assign it to users, they will be required to enter only their enterprise password when they log into a service. If you want to require additional authentication if they are using the browser for the first time, complete the following steps to add a risk scenario.
- In theRisk scenariostable, click +.
- Enter a nameand description for the scenario.
- In theMinimum authentication level drop-down list, select Level 3. This level corresponds to the Enterprise password + BlackBerry 2FA authenticator ranking that you set in the previous task.
- ClickNetwork detection.
- In theConfigurationdrop-down list, selectBrowser detected for the first time.If you configure this option, when one of your organization’s users is using a browser for the first time and they try to log into a service, they will be required to enter their enterprise password and respond to aBlackBerry 2FAprompt on their device.
- ClickSave.
- ClickSave.
- Assign the authentication policy to users or groups.