Can policy use request param?


This topic has 3 replies, 2 voices, and was last updated 2 years, 8 months ago by Leon_Skeldon.

  • Author
  • #27803


    I’ve seen it is possible to extend the policies via scripting. Is it possible to use such extensions to check fields in the original request e.g. check the amount field and have rule saying if amount < £1000 auth level must be at least 50 else auth level must be higher than 50?


     Jatinder Singh

    One way is to use authentication trees and set auth level based on your request parameter i.e the amount field. You can read params via Scripting Decision node. Your policy can then act on this authentication level whether to allow access or issue an advice e.g transactional authentication.

     Jatinder Singh

    There was a typo in my earlier response – i meant to say transactional authorization.

    Hope this helps!


    Great, thankyou!

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?