Create an authentication policy
You create an authentication policy to specify the types of authentication that administrators must complete to sign in to the credentials before they receive a one-time password prompt.
Cylance Endpoint Security
management console and users must complete to activate Cylance Endpoint Security
apps or agents (for example, CylancePROTECT Mobile
or CylanceGATEWAY
) . Users must complete the types of authentication in the order that you specify in the policy. For example, if you add Enterprise before One-Time Password, users enter their work or my
AccountIn a policy you can also configure app exceptions and specify different authenticators for specific apps. App exceptions take precedence over the authentication policy. Any authentication policies that are configured in your tenant are applied in the following order:
- App exceptions in authentication policies that are assigned to users or groups
- Authentication policies that are assigned to users or groups
- Tenant authentication policy
- On the menu bar, clickPolicies > User Policy.
- Click theAuthenticationtab.
- ClickAdd policy.
- Enter a name and description for the policy.
- In theAuthentication rulessection, clickAdd Authenticator.If your authenticator was created before December 2023, and you updatedCylance Endpoint Securitylogin request URL to enable the IDP-initiated Proxy to allow users to use single sign-on (SSO) to access the Cylance console after logging in to their users’ IDP portal, add the updated authenticator and remove the original authenticate that was created. For more information, see Enhanced authentication sign in.
- In theAdd authenticatordialog box, select an authenticator in the drop-down list.Repeat this step to add more authenticators to the policy. Users receive prompts from each authenticator in the order that they are listed in the policy. If you addDuoMFA to the policy, you should also add another authenticator so thatDuois used as a second factor for authentication. To change the order, clickSet Order, drag the authenticators to the order that you want, and clickSet Orderagain.
- If you want to add app exceptions, clickManage App Exceptions.
- In theManage App Exceptionsdialog box, select the apps that you want to include in theAvailable appspane.
- Click .
- ClickSave.
- In theManage app exceptionssection, click the tab for one of the apps that you added as an exception.
- ClickAdd Authenticator.
- In theAdd authenticatordialog box, select an authenticator from the drop-down list. ClickSave.Repeat this step to add more authenticators to the app exception. Users must complete the types of authentication in the order that you specify. To change the order, clickSet Order, drag the authenticators to the order that you want and clickSet Orderagain.
- To save the policy, clickSave.