Skip Navigation

Add an authentication policy for the first time users use a browser

  1. On the menu bar, click 
    Policies and profiles
    . Click 
    BlackBerry Enterprise Identity
     below Managed devices.
  2. In the 
    Authentication policies
     pane, click 
    Add a policy
    .
  3. Enter a name and description for the authentication policy.
  4. In the 
    Minimum authentication level
     drop-down list, select Level 1. 
    This level corresponds to the Enterprise password authenticator ranking that you set in the previous task. If you save this policy without adding a risk scenario and assign it to users, they will be required to enter only their enterprise password when they log into a service. If you want to require additional authentication if they are using the browser for the first time, complete the following steps to add a risk scenario.
  5. In the 
    Risk scenarios
     table, click +.
  6. Enter a nameand description for the scenario.
  7. In the 
    Minimum authentication leve
    l drop-down list, select Level 3. This level corresponds to the Enterprise password + BlackBerry 2FA authenticator ranking that you set in the previous task.
  8.  Click 
    Network detection
    .
  9.  In the 
    Configuration
     drop-down list, select 
    Browser detected for the first time
    .
    If you configure this option, when one of your organization’s users is using a browser for the first time and they try to log into a service, they will be required to enter their enterprise password and respond to a 
    BlackBerry 2FA
     prompt on their device.
  10. Click 
    Save
    .
  11. Click 
    Save
    .
  • Assign the authentication policy to users or groups.