[[_policy_client]]
= Client-based policy

You can use this type of policy to define conditions for your permissions where a set of one or more clients is permitted to access an object.

ifeval::[{project_community}==true]
To create a new client-based policy, select *Client* from the policy type list.
endif::[]
ifeval::[{project_product}==true]
To create a new client-based policy, select *Client* in the item list in the upper right corner of the policy listing.
endif::[]

.Add a Client Policy
image:{project_images}/policy/create-client.png[alt="Add a Client Policy"]

== Configuration

* *Name*
+
A human-readable and unique string identifying the policy. A best practice is to use names that are closely related to your business and security requirements, so you
can identify them more easily.
+
* *Description*
+
A string containing details about this policy.
+
* *Clients*
+
Specifies which clients have givenGroup-based policy access by this policy.
+
* *Logic*
+
The logic of this policy to apply after the other conditions have been evaluated.

[role="_additional-resources"]
.Additional resources
* <<_policy_logic, Positive and negative logic>>