Activating/deactivating an authentication policy
Note
This feature is at the Preview stage.
In Yandex Identity Hub, authentication policies are used for granular management of user and user group access to Yandex Identity Hub applications by denying or allowing authentication based on the policy criteria.
You can group Yandex Identity Hub users to simplify access management in Yandex Cloud. For more information, see User groups.
Yandex Identity Hub SAML and OIDC applications allow Yandex Cloud users to authenticate in services of third-party service providers. For more information, see Applications in Yandex Identity Hub.
Yandex Cloud uses Yandex accounts as well as federated and local user accounts. For more information, see Accounts in Yandex Cloud.
Authentication policies can be managed by users with the organization-manager.admin role or higher.
The organization-manager.admin role enables managing organization settings, identity federations, user pools, SAML applications, OIDC applications, users and user groups, and users' access permissions to the organization and its resources. To learn more, see Access management in Yandex Identity Hub.
Activate an authentication policy
To activate an authentication policy, follow these steps:
- Log in to Yandex Identity Hub
. - In the left-hand panel, select
Security settings and go to the Authentication policies tab. - In the row with an inactive authentication policy, click
and select Activate. - In the window that opens, confirm the policy activation.
Deactivate an authentication policy
To deactivate an authentication policy, follow these steps:
- Log in to Yandex Identity Hub
. - In the left-hand panel, select
Security settings and go to the Authentication policies tab. - In the row with an active authentication policy, click
and select Deactivate. - In the window that opens, confirm the policy deactivation.