The Login Policies page allows the Org Admin to
- add new Login Policies for the organization
- search, sort and edit existing login policies of the organization
The Login Policy enforces a defined method of authentication and other login security definitions and settings to those users to which the policy is applied.
Approve Simple Login Policies define login method (Quick, Credentials or SAML), application Idle Session Timeout, Lock Screen settings and access to ApproveSimple (via regular distribution or MDM distribution of the Organization).
Your organization has two Login Policies by default, but you may add as many login policies as needed. This flexibility allows for setting authentication methods per user role based on data sensitivity. It also enables using different policies for logging into the app and for logging into the Admin Console.
- Quick - email-based login policy.
- Credentials - password-based login policy.
A Login Policy has one authentication method associated with it. The following authentication methods are available:
Only an email address is required to login.
Both email and password are required.
Users are redirected to an external SAML IdP
- Log into the Admin Console
- Click on Login Policies in the left-side navigation.
- In Login Policies, click the Add Policy option (upper right).
An empty Login Policy General Details form is displayed:
SAML dropdown list
The SAML dropdown list is displayed only when SAML is selected as the login type.
- On the Create Login Policy page that is displayed, enter the details of the policy:
Unique name for the policy.
The selected authentication method for the policy
The selected SAML definition.
Note: This is Relevant for SAML authentication method only. This drop down list is visible only if SAML was chosen for Login Type
Idle Session Timeout
The idle session timeout after which the user will be logged out.
When selected, users are required to unlock the app with a PIN code
- Click the Save button
To edit an existing login policy:
- From the Login Policies page of the Admin Console, click the edit button to the left of the required login policy name.
- On the General Details page of that policy, which is displayed in edit mode, edit the widgets according to the table above.
- Click Save.
Assignment of login policy is performed individually for each ApproveSimple user from the user's page.
New users are automatically assigned the Default login policy for accessing the App.
If the user is an Org Admin or Org Manager, you should also set the Admin Console (Credentials) login policy.
See Users for more details on setting the Login Policies of users.
Updated about a year ago