Configure the Authentication Policy

When creating a Single Sign-On application, you will have the following policy mode options:

Cloud - All users in the organization are affected.
Group Policy - Only users targeted by a tagged GPO are affected.
Both - All users are affected. If a user also is targeted by a tagged GPO, the Group Policy takes preference over the Cloud Policy.

Configure the authentication policy to control which users are allowed to authenticate to an application using Specops Authentication and which identity services are used:

Click Next: Policy Configuration.

Note

Policy Configuration determines which users the application policy applies to and which authentication rules are enforced for them. Only users included in a policy are allowed to access the application. Users who are not included in any policy will not have access.
Select a Policy mode from the list.
If you selected Group Policy or Both as policy mode, choose one or more GPOs from the Group Policy Objects list, and click Add.
1. Click Edit Authentication Rules next to the added GPO.
2. Configure your desired authentication rules.
3. Click Save.
If you selected Cloud or Both as policy mode, click Configure.
1. Add the identity services that you want to include.
2. Click Save.
Click I'm done.
Continue to Configure Domain Federation in Entra ID.