Auth policies
Auth policies define a set of conditions that an identity must meet to be considered authenticated and to gain access to the network. These policies establish the required criteria for a client to join and connect to the network. When an identity is created, it is assigned an auth policy (either one you specify or the system's default policy), and this policy can be updated at any time.
- Purpose: They allow you to define rules that specify how an identity must authenticate during enrollment or connection. This dictates which authentication methods (like username/password or certificate-based) are allowed.
- Association: You associate an auth policy with an identity at the time of its creation. You can use the built-in default policy or create custom policies for specific user groups or device types (e.g., automatically provisioning IoT devices).
Console reference
Auth policies table
The Auth Policies tab defines the authentication requirements for identities, specifying which methods (Certificate, JWT, or UPDB) are permitted or required.
| Column | Description |
|---|---|
| Name | The unique, user-defined name for the authentication policy. |
| Cert | Indicates if certificate-based authentication is enabled for this policy. |
| External JWT | Indicates if authentication via an external JWT signer is enabled. |
| UPDB | Indicates if Username/Password Database authentication is enabled. |
| Created At | The date and time the policy was created. |
| ID | The unique, system-assigned ID (UUID) for the policy. |