Authentication policies are workflows that dictate the authentication mechanisms that are required so that the user can access a resource.
The access control policy that is attached to the resource can be used to determine the authentication policy with which the user must comply to access the resource. For example, the authentication policy can require the user to provide a one-time password value or authenticate with a user name and password whether or not an authenticated session exists.
Predefined authentication policies are available by default. See Predefined authentication policies.
Use an authentication policy as a permit condition of an access control policy.