You can create an access policy in JavaScript and then use the local management interface
to deploy it.
Before you begin
Before you begin, ensure that you understand the following concepts.
- The business requirements or scenarios for the access policy.
- The types of Security Access Manager deployments that can enforce and use access policies.
For more information, see Access policies.
Procedure
- Create the policy by writing JavaScript that enforces the requirements.
See Access policy development.
- Use the Access Policies menu in the local management interface to add
the policy to your deployment.
See Managing access policies.
- Enable access policies for your deployment, and apply the necessary access policy.
Follow the instructions for your type of deployment.
- SAML 2.0 identity provider federation
Use the local management interface wizard to enable access policies, and select a policy to assign to the federation.
See Creating and modifying a federation.
- SAML 2.0 service provider partner to an identity provider federation
Use the local
management interface wizard to enable access policies, and select a policy to assign to the partner. See
Managing federation partners.
Note: If you enable
access policies on the partner, and select a policy, the partner policy takes precedence over any
policy that is assigned to the federation. If you do not enable access policies on the partner,
access policies that are enabled for the federation are still enforced.
- OpenID Connect and API Protection Definition
When you create or manage an API Protection
Definition, you can choose to specify an access policy. See Creating an API protection definition.