keycloak-scim/topics/policy/time-policy.adoc

== Time-Based Policy

This type of policy allows you to define time conditions for your permissions.

To create a new policy select the option *Time* in the dropdown located in the right upper corner of the permission listing.

.Add Time Policy
image:../../images/policy/create-time.png[alt="Add Time Policy"]

=== Configuration

* *Name*
+
A human-readable and unique string describing the policy. We strongly suggest you to use names that are closely related with your business and security requirements, so you
can identify them more easily and also know what they actually mean
+
* *Description*
+
A string with more details about this policy
+
* *Not Before*
+
Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value
+
+
* *Not On or After*
+
Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value
+
* *Day of Month*
+
Defines the day of month which policy MUST be granted. You can also provide a range by filling the second field with the day of month before/equal which the policy MUST be granted. In this case, the policy would be granted if current day of month is between or equal to the two values you provided.
+
* *Month*
+
Defines the month which policy MUST be granted. You can also provide a range by filling the second field with the month before/equal which the policy MUST be granted. In this case, the policy would be granted if current month is between or equal to the two values you provided.
+
* *Year*
+
Defines the year which policy MUST be granted. You can also provide a range by filling the second field with the year before/equal which the policy MUST be granted. In this case, the policy would be granted if current year is between or equal to the two values you provided.
+
* *Hour*
+
Defines the hour which policy MUST be granted. You can also provide a range by filling the second field with the hour before/equal which the policy MUST be granted. In this case, the policy would be granted if current hour is between or equal to the two values you provided.
+
* *Minute*
+
Defines the minute which policy MUST be granted. You can also provide a range by filling the second field with the minute before/equal which the policy MUST be granted. In this case, the policy would be granted if current minute is between or equal to the two values you provided.
+
* *Logic*
+
The link:logic.html[logic] of this policy

In order to the policy evaluate to a _GRANT_, all conditions that you defined must be true. Keycloak will perform an _AND_ with the outcome from each one of the conditions you have defined.
More doc 2016-06-05 22:17:31 +00:00			`== Time-Based Policy`

			`This type of policy allows you to define time conditions for your permissions.`

More screenshots. Reviewing getting started tutorials. 2016-06-14 23:50:50 +00:00			`To create a new policy select the option Time in the dropdown located in the right upper corner of the permission listing.`

			`.Add Time Policy`
			`image:../../images/policy/create-time.png[alt="Add Time Policy"]`

			`=== Configuration`

More doc 2016-06-05 22:17:31 +00:00			`* Name`
			`+`
			`A human-readable and unique string describing the policy. We strongly suggest you to use names that are closely related with your business and security requirements, so you`
			`can identify them more easily and also know what they actually mean`
			`+`
			`* Description`
			`+`
			`A string with more details about this policy`
			`+`
			`* Not Before`
			`+`
			`Defines the time before which the policy MUST NOT be granted. Only granted if current date/time is after or equal to this value`
			`+`
			`+`
			`* Not On or After`
			`+`
			`Defines the time after which the policy MUST NOT be granted. Only granted if current date/time is before or equal to this value`
			`+`
Fixes and updates. 2016-09-08 22:58:55 +00:00			`* Day of Month`
			`+`
			`Defines the day of month which policy MUST be granted. You can also provide a range by filling the second field with the day of month before/equal which the policy MUST be granted. In this case, the policy would be granted if current day of month is between or equal to the two values you provided.`
			`+`
			`* Month`
			`+`
			`Defines the month which policy MUST be granted. You can also provide a range by filling the second field with the month before/equal which the policy MUST be granted. In this case, the policy would be granted if current month is between or equal to the two values you provided.`
			`+`
			`* Year`
			`+`
			`Defines the year which policy MUST be granted. You can also provide a range by filling the second field with the year before/equal which the policy MUST be granted. In this case, the policy would be granted if current year is between or equal to the two values you provided.`
			`+`
			`* Hour`
			`+`
			`Defines the hour which policy MUST be granted. You can also provide a range by filling the second field with the hour before/equal which the policy MUST be granted. In this case, the policy would be granted if current hour is between or equal to the two values you provided.`
			`+`
			`* Minute`
			`+`
			`Defines the minute which policy MUST be granted. You can also provide a range by filling the second field with the minute before/equal which the policy MUST be granted. In this case, the policy would be granted if current minute is between or equal to the two values you provided.`
			`+`
More doc 2016-06-05 22:17:31 +00:00			`* Logic`
			`+`
Fixes and updates. 2016-09-08 22:58:55 +00:00			`The link:logic.html[logic] of this policy`

			`In order to the policy evaluate to a _GRANT_, all conditions that you defined must be true. Keycloak will perform an _AND_ with the outcome from each one of the conditions you have defined.`