TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-15 04:18:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
ee86eb4399
zitadel/site/docs/administrate/07-policies.en.md
mffap ea2aa27f15
docs: improvement to semantics (#944) 
* rename to overview

* wip

* wip

* wip

* wip

* wip

* wip

* examples

* ts example

* wip with grafana

* add grafana tutorial

* screenshots and grafana

* figure out oauth proxy

* authz oauth proxy

* move img

* merge from master

* reviewed documentation

* reviewed documentation

* wip

* wip

* wip

* wip

* wip

* wip

* examples

* ts example

* wip with grafana

* screenshots and grafana

* figure out oauth proxy

* authz oauth proxy

* move img

* merge from master

* cleaned up name for management roles

* corrected small typo in code

* Intro for orgs, spelling, ref to mgmt roles

* removed inline comments

* Update 00-quick-start.en.md

* Update 02-organisations.en.md

* Update site/docs/administrate/03-projects.en.md

Co-authored-by: Florian Forster <florian@caos.ch>

* Update 03-projects.en.md

* Update 04-clients.en.md

* Update site/docs/administrate/07-policies.en.md

Co-authored-by: Florian Forster <florian@caos.ch>

* Update 09-authorizations.en.md

Co-authored-by: Florian Forster <florian@caos.ch>
2020-12-01 16:56:33 +01:00

1.2 KiB
Raw Blame History

title
Policies

What are policies

Policies are a means of enforcing certain behaviour of ZITADEL. ZITADEL defines a default policy on the system level. However an organisation owner can change these aspects within his own organisation.

Available policies

Below is a list of available policies

Password complexity

This policy enforces passwords of users within the organization to be compliant.

  • min length
  • has number
  • has symbol
  • has lower case
  • has upper case

Screenshot here

IAM Access Preference

If enabled, this policy enforces that usernames are suffixed with the organisations domain. Under normal operation this policy is only false on the global organisation, so that users can choose their email as their username.

Only available for the IAM Administrator.

Screenshot here

Login Options

With this policy it is possible to define what options a user sees in the login process:

  • Username Password allowed
  • Self Register allowed
  • External IDP allowed
  • List of allowed external IDPs

Screenshot here

Audit policy changes

Screenshot here

Upcoming Policies

  • Password age
  • Password failure count