keycloak-scim/authorization_services/topics/policy-client-policy.adoc

33 lines
959 B
Text
Raw Normal View History

2017-04-25 22:52:57 +00:00
[[_policy_client]]
= Client-based policy
2017-04-25 22:52:57 +00:00
You can use this type of policy to define conditions for your permissions where a set of one or more clients is permitted to access an object.
To create a new client-based policy, select *Client* in the item list in the upper right corner of the policy listing.
2017-04-25 22:52:57 +00:00
.Add a Client Policy
image:images/policy/create-client.png[alt="Add a Client Policy"]
2017-04-25 22:52:57 +00:00
== Configuration
2017-04-25 22:52:57 +00:00
* *Name*
+
A human-readable and unique string identifying the policy. A best practice is to use names that are closely related to your business and security requirements, so you
can identify them more easily.
+
* *Description*
+
A string containing details about this policy.
+
* *Clients*
+
Specifies which clients are given access by this policy.
+
* *Logic*
+
The logic of this policy to apply after the other conditions have been evaluated.
[role="_additional-resources"]
.Additional resources
* <<_policy_logic, Positive and negative logic>>