Policies

The Okta Policy API enables an Administrator to perform Policy and Policy Rule operations. The Policy framework is used by Okta to control Rules and settings that govern, among other things, user session lifetime, whether multi-factor authentication is required when logging in, what MFA factors may be employed, password complexity requirements, what types of self-service operations are permitted under various circumstances, and what identity provider to route users to.

Policy settings for a particular Policy type, such as Sign On Policy, consist of one or more Policy objects, each of which contains one or more Policy Rules. Policies and Rules contain conditions that determine whether they are applicable to a particular user at a particular time.

List all Policies
OAuth 2.0: okta.policies.read

Lists all policies with the specified type

Request
query Parameters
type
required
string
status
string
expand
string
Default: ""
Responses
200

Success

403

Forbidden

429

Too Many Requests

get/api/v1/policies
Request samples
Response samples
application/json
[
  • {
    • "created": "2019-08-24T14:15:22Z",
    • "description": "string",
    • "id": "string",
    • "lastUpdated": "2019-08-24T14:15:22Z",
    • "name": "string",
    • "priority": 0,
    • "status": "ACTIVE",
    • "system": true,
    • "type": "ACCESS_POLICY",
    • "_embedded": {
      },
    • "_links": {
      }
    }
]

Create a Policy
OAuth 2.0: okta.policies.manage

Creates a policy

Request
query Parameters
activate
boolean
Default: true
Request Body schema: application/json
description
string
name
string
priority
integer
status
string (LifecycleStatus)
Enum: "ACTIVE" "INACTIVE"
system
boolean
type
string (PolicyType)
object (PolicyRuleConditions)
object (AppAndInstancePolicyRuleCondition)
Array of objects (AppAndInstanceConditionEvaluatorAppOrInstance)
Array of objects (AppAndInstanceConditionEvaluatorAppOrInstance)
object (AppInstancePolicyRuleCondition)
exclude
Array of strings
include
Array of strings
object (PolicyRuleAuthContextCondition)
authType
string (PolicyRuleAuthContextType)
Enum: "ANY" "RADIUS"
object (PasswordPolicyAuthenticationProviderCondition)
include
Array of strings
provider
string (PasswordPolicyAuthenticationProviderType)
Enum: "ACTIVE_DIRECTORY" "ANY" "LDAP" "OKTA"
object (BeforeScheduledActionPolicyRuleCondition)
object (Duration)
object (ScheduledUserLifecycleAction)
object (ClientPolicyCondition)
include
Array of strings
object (ContextPolicyRuleCondition)
migrated
boolean
object (DevicePolicyRuleConditionPlatform)
rooted
boolean
trustLevel
string (DevicePolicyTrustLevel)
Enum: "ANY" "TRUSTED"
expression
string
object (DevicePolicyRuleCondition)
migrated
boolean
object (DevicePolicyRuleConditionPlatform)
rooted
boolean
trustLevel
string (DevicePolicyTrustLevel)
Enum: "ANY" "TRUSTED"
object (GrantTypePolicyRuleCondition)
include
Array of strings
object (GroupPolicyRuleCondition)
exclude
Array of strings
include
Array of strings
object (IdentityProviderPolicyRuleCondition)
idpIds
Array of strings
provider
string (IdentityProviderPolicyProvider)
Enum: "ANY" "OKTA" "SPECIFIC_IDP"
object (MDMEnrollmentPolicyRuleCondition)
blockNonSafeAndroid
boolean
enrollment
string (MDMEnrollmentPolicyEnrollment)
Enum: "ANY_OR_NONE" "OMM"
object (PolicyNetworkCondition)
connection
string (PolicyNetworkConnection)
Enum: "ANYWHERE" "ZONE"
exclude
Array of strings
include
Array of strings
object (PolicyPeopleCondition)
object (GroupCondition)
object (UserCondition)
object (PlatformPolicyRuleCondition)
Array of objects (PlatformConditionEvaluatorPlatform)
Array of objects (PlatformConditionEvaluatorPlatform)
object (RiskPolicyRuleCondition)
behaviors
Array of strings unique
object (RiskScorePolicyRuleCondition)
level
string
object (OAuth2ScopesMediationPolicyRuleCondition)
include
Array of strings
object (UserIdentifierPolicyRuleCondition)
attribute
string
Array of objects (UserIdentifierConditionEvaluatorPattern)
type
string (UserIdentifierType)
Enum: "ATTRIBUTE" "IDENTIFIER"
object (UserPolicyRuleCondition)
exclude
Array of strings
object (InactivityPolicyRuleCondition)
include
Array of strings
object (LifecycleExpirationPolicyRuleCondition)
object (PasswordExpirationPolicyRuleCondition)
object (UserLifecycleAttributePolicyRuleCondition)
object (UserStatusPolicyRuleCondition)
value
string (PolicyUserStatus)
Enum: "ACTIVATING" "ACTIVE" "DELETED" "DELETING" "EXPIRED_PASSWORD" "INACTIVE" "PENDING" "SUSPENDED"
Responses
200

Success

400

Bad Request

403

Forbidden

429

Too Many Requests

post/api/v1/policies
Request samples
application/json
{
  • "description": "string",
  • "name": "string",
  • "priority": 0,
  • "status": "ACTIVE",
  • "system": true,
  • "type": "ACCESS_POLICY",
  • "conditions": {
    • "app": {
      },
    • "apps": {
      },
    • "authContext": {
      },
    • "authProvider": {
      },
    • "beforeScheduledAction": {
      },
    • "clients": {
      },
    • "context": {
      },
    • "device": {
      },
    • "grantTypes": {
      },
    • "groups": {
      },
    • "identityProvider": {
      },
    • "mdmEnrollment": {
      },
    • "network": {
      },
    • "people": {
      },
    • "platform": {
      },
    • "risk": {
      },
    • "riskScore": {
      },
    • "scopes": {
      },
    • "userIdentifier": {
      },
    • "users": {
      },
    • "userStatus": {
      }
    }
}
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "description": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "name": "string",
  • "priority": 0,
  • "status": "ACTIVE",
  • "system": true,
  • "type": "ACCESS_POLICY",
  • "_embedded": {
    • "property1": { },
    • "property2": { }
    },
  • "_links": {
    • "self": {
      }
    },
  • "conditions": {
    • "app": {
      },
    • "apps": {
      },
    • "authContext": {
      },
    • "authProvider": {
      },
    • "beforeScheduledAction": {
      },
    • "clients": {
      },
    • "context": {
      },
    • "device": {
      },
    • "grantTypes": {
      },
    • "groups": {
      },
    • "identityProvider": {
      },
    • "mdmEnrollment": {
      },
    • "network": {
      },
    • "people": {
      },
    • "platform": {
      },
    • "risk": {
      },
    • "riskScore": {
      },
    • "scopes": {
      },
    • "userIdentifier": {
      },
    • "users": {
      },
    • "userStatus": {
      }
    }
}

Create a Policy Simulation
Identity Engine
OAuth 2.0: okta.policies.read

Creates a policy or policy rule simulation. The access simulation evaluates policy and policy rules based on the existing policy rule configuration. The evaluation result simulates what the real-world authentication flow is and what policy rules have been applied or matched to the authentication flow.

Request
query Parameters
expand
string

Use expand=EVALUATED to include a list of evaluated but not matched policies and policy rules. Use expand=RULE to include details about why a rule condition was (not) matched.

Example: expand=expand=EVALUATED&expand=RULE
Request Body schema: application/json
Array
appInstance
required
string

The application instance ID for a simulate operation

object (PolicyContext)
object
required
object

An array of Group IDs for the simulate operation. Only user IDs or Group IDs are allowed, not both.

ip
string

The network rule condition, zone, or IP address

object

The risk rule condition level

required
object

The user ID for the simulate operation. Only user IDs or Group IDs are allowed, not both.

object
policyTypes
Array of strings (PolicyType)

Supported policy types for a simulate operation. The default value, null, returns all types.

Items Enum: "ACCESS_POLICY" "IDP_DISCOVERY" "MFA_ENROLL" "OKTA_SIGN_ON" "PASSWORD" "PROFILE_ENROLLMENT"
Responses
204

Success

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/policies/simulate
Request samples
application/json

Simulate policy request body

{
  • "policyType": [
    • "OKTA_SIGN_ON",
    • "MFA_ENROLL"
    ],
  • "appInstance": "0oa4eroj3nYCIJIW70g7",
  • "policyContext": {
    • "groups": {
      }
    },
  • "risk": {
    • "level": "LOW"
    },
  • "zones": {
    • "ids": [
      ]
    },
  • "device": {
    • "platform": "IOS",
    • "registered": true,
    • "managed": true
    }
}
Response samples
application/json

Simulate policy response body

{
  • "evaluation": [
    • {
      },
    • {
      },
    • {
      }
    ]
}

Retrieve a Policy
OAuth 2.0: okta.policies.read

Retrieves a policy

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
query Parameters
expand
string
Default: ""
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/policies/{policyId}
Request samples
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "description": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "name": "string",
  • "priority": 0,
  • "status": "ACTIVE",
  • "system": true,
  • "type": "ACCESS_POLICY",
  • "_embedded": {
    • "property1": { },
    • "property2": { }
    },
  • "_links": {
    • "self": {
      }
    },
  • "conditions": {
    • "app": {
      },
    • "apps": {
      },
    • "authContext": {
      },
    • "authProvider": {
      },
    • "beforeScheduledAction": {
      },
    • "clients": {
      },
    • "context": {
      },
    • "device": {
      },
    • "grantTypes": {
      },
    • "groups": {
      },
    • "identityProvider": {
      },
    • "mdmEnrollment": {
      },
    • "network": {
      },
    • "people": {
      },
    • "platform": {
      },
    • "risk": {
      },
    • "riskScore": {
      },
    • "scopes": {
      },
    • "userIdentifier": {
      },
    • "users": {
      },
    • "userStatus": {
      }
    }
}

Replace a Policy
OAuth 2.0: okta.policies.manage

Replaces the properties of a Policy identified by policyId

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Request Body schema: application/json
description
string
name
string
priority
integer
status
string (LifecycleStatus)
Enum: "ACTIVE" "INACTIVE"
system
boolean
type
string (PolicyType)
object (PolicyRuleConditions)
object (AppAndInstancePolicyRuleCondition)
Array of objects (AppAndInstanceConditionEvaluatorAppOrInstance)
Array of objects (AppAndInstanceConditionEvaluatorAppOrInstance)
object (AppInstancePolicyRuleCondition)
exclude
Array of strings
include
Array of strings
object (PolicyRuleAuthContextCondition)
authType
string (PolicyRuleAuthContextType)
Enum: "ANY" "RADIUS"
object (PasswordPolicyAuthenticationProviderCondition)
include
Array of strings
provider
string (PasswordPolicyAuthenticationProviderType)
Enum: "ACTIVE_DIRECTORY" "ANY" "LDAP" "OKTA"
object (BeforeScheduledActionPolicyRuleCondition)
object (Duration)
object (ScheduledUserLifecycleAction)
object (ClientPolicyCondition)
include
Array of strings
object (ContextPolicyRuleCondition)
migrated
boolean
object (DevicePolicyRuleConditionPlatform)
rooted
boolean
trustLevel
string (DevicePolicyTrustLevel)
Enum: "ANY" "TRUSTED"
expression
string
object (DevicePolicyRuleCondition)
migrated
boolean
object (DevicePolicyRuleConditionPlatform)
rooted
boolean
trustLevel
string (DevicePolicyTrustLevel)
Enum: "ANY" "TRUSTED"
object (GrantTypePolicyRuleCondition)
include
Array of strings
object (GroupPolicyRuleCondition)
exclude
Array of strings
include
Array of strings
object (IdentityProviderPolicyRuleCondition)
idpIds
Array of strings
provider
string (IdentityProviderPolicyProvider)
Enum: "ANY" "OKTA" "SPECIFIC_IDP"
object (MDMEnrollmentPolicyRuleCondition)
blockNonSafeAndroid
boolean
enrollment
string (MDMEnrollmentPolicyEnrollment)
Enum: "ANY_OR_NONE" "OMM"
object (PolicyNetworkCondition)
connection
string (PolicyNetworkConnection)
Enum: "ANYWHERE" "ZONE"
exclude
Array of strings
include
Array of strings
object (PolicyPeopleCondition)
object (GroupCondition)
object (UserCondition)
object (PlatformPolicyRuleCondition)
Array of objects (PlatformConditionEvaluatorPlatform)
Array of objects (PlatformConditionEvaluatorPlatform)
object (RiskPolicyRuleCondition)
behaviors
Array of strings unique
object (RiskScorePolicyRuleCondition)
level
string
object (OAuth2ScopesMediationPolicyRuleCondition)
include
Array of strings
object (UserIdentifierPolicyRuleCondition)
attribute
string
Array of objects (UserIdentifierConditionEvaluatorPattern)
type
string (UserIdentifierType)
Enum: "ATTRIBUTE" "IDENTIFIER"
object (UserPolicyRuleCondition)
exclude
Array of strings
object (InactivityPolicyRuleCondition)
include
Array of strings
object (LifecycleExpirationPolicyRuleCondition)
object (PasswordExpirationPolicyRuleCondition)
object (UserLifecycleAttributePolicyRuleCondition)
object (UserStatusPolicyRuleCondition)
value
string (PolicyUserStatus)
Enum: "ACTIVATING" "ACTIVE" "DELETED" "DELETING" "EXPIRED_PASSWORD" "INACTIVE" "PENDING" "SUSPENDED"
Responses
200

Success

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

put/api/v1/policies/{policyId}
Request samples
application/json
{
  • "description": "string",
  • "name": "string",
  • "priority": 0,
  • "status": "ACTIVE",
  • "system": true,
  • "type": "ACCESS_POLICY",
  • "conditions": {
    • "app": {
      },
    • "apps": {
      },
    • "authContext": {
      },
    • "authProvider": {
      },
    • "beforeScheduledAction": {
      },
    • "clients": {
      },
    • "context": {
      },
    • "device": {
      },
    • "grantTypes": {
      },
    • "groups": {
      },
    • "identityProvider": {
      },
    • "mdmEnrollment": {
      },
    • "network": {
      },
    • "people": {
      },
    • "platform": {
      },
    • "risk": {
      },
    • "riskScore": {
      },
    • "scopes": {
      },
    • "userIdentifier": {
      },
    • "users": {
      },
    • "userStatus": {
      }
    }
}
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "description": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "name": "string",
  • "priority": 0,
  • "status": "ACTIVE",
  • "system": true,
  • "type": "ACCESS_POLICY",
  • "_embedded": {
    • "property1": { },
    • "property2": { }
    },
  • "_links": {
    • "self": {
      }
    },
  • "conditions": {
    • "app": {
      },
    • "apps": {
      },
    • "authContext": {
      },
    • "authProvider": {
      },
    • "beforeScheduledAction": {
      },
    • "clients": {
      },
    • "context": {
      },
    • "device": {
      },
    • "grantTypes": {
      },
    • "groups": {
      },
    • "identityProvider": {
      },
    • "mdmEnrollment": {
      },
    • "network": {
      },
    • "people": {
      },
    • "platform": {
      },
    • "risk": {
      },
    • "riskScore": {
      },
    • "scopes": {
      },
    • "userIdentifier": {
      },
    • "users": {
      },
    • "userStatus": {
      }
    }
}

Delete a Policy
OAuth 2.0: okta.policies.manage

Deletes a policy

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Responses
204

No Content

403

Forbidden

404

Not Found

429

Too Many Requests

delete/api/v1/policies/{policyId}
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}

List all Applications mapped to a Policy
OAuth 2.0: okta.policies.read
Deprecated

Lists all applications mapped to a policy identified by policyId

Note: Use List all resources mapped to a Policy to list all applications mapped to a policy.

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/policies/{policyId}/app
Request samples
Response samples
application/json
[
  • {
    • "accessibility": {
      },
    • "created": "2019-08-24T14:15:22Z",
    • "features": [
      ],
    • "id": "string",
    • "label": "string",
    • "lastUpdated": "2019-08-24T14:15:22Z",
    • "licensing": {
      },
    • "profile": {
      },
    • "signOnMode": "AUTO_LOGIN",
    • "status": "ACTIVE",
    • "visibility": {
      },
    • "_embedded": {
      },
    • "_links": {
      }
    }
]

Clone an existing Policy
Identity Engine
OAuth 2.0: okta.policies.manage

Clones an existing policy

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Responses
200

Success

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/policies/{policyId}/clone
Request samples
Response samples
application/json
{
  • "created": "2019-08-24T14:15:22Z",
  • "description": "string",
  • "id": "string",
  • "lastUpdated": "2019-08-24T14:15:22Z",
  • "name": "string",
  • "priority": 0,
  • "status": "ACTIVE",
  • "system": true,
  • "type": "ACCESS_POLICY",
  • "_embedded": {
    • "property1": { },
    • "property2": { }
    },
  • "_links": {
    • "self": {
      }
    },
  • "conditions": {
    • "app": {
      },
    • "apps": {
      },
    • "authContext": {
      },
    • "authProvider": {
      },
    • "beforeScheduledAction": {
      },
    • "clients": {
      },
    • "context": {
      },
    • "device": {
      },
    • "grantTypes": {
      },
    • "groups": {
      },
    • "identityProvider": {
      },
    • "mdmEnrollment": {
      },
    • "network": {
      },
    • "people": {
      },
    • "platform": {
      },
    • "risk": {
      },
    • "riskScore": {
      },
    • "scopes": {
      },
    • "userIdentifier": {
      },
    • "users": {
      },
    • "userStatus": {
      }
    }
}

Activate a Policy
OAuth 2.0: okta.policies.manage

Activates a policy

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Responses
204

No Content

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/policies/{policyId}/lifecycle/activate
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}

Deactivate a Policy
OAuth 2.0: okta.policies.manage

Deactivates a policy

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Responses
204

No Content

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/policies/{policyId}/lifecycle/deactivate
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}

List all resources mapped to a Policy
OAuth 2.0: okta.policies.read

Lists all resources mapped to a Policy identified by policyId

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/policies/{policyId}/mappings
Request samples
Response samples
application/json
[
  • {
    • "id": "string",
    • "_links": {
      }
    }
]

Map a resource to a Policy
OAuth 2.0: okta.policies.manage

Maps a resource to a Policy identified by policyId

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Request Body schema: application/json
resourceId
string
resourceType
string (PolicyMappingResourceType)
Value: "APP"
Responses
200

Success

400

Bad Request

403

Forbidden

404

Not Found

429

Too Many Requests

post/api/v1/policies/{policyId}/mappings
Request samples
application/json
{
  • "resourceId": "string",
  • "resourceType": "APP"
}
Response samples
application/json
{
  • "id": "string",
  • "_links": {
    • "self": {
      },
    • "application": {
      }
    }
}

Retrieve a policy resource Mapping
OAuth 2.0: okta.policies.read

Retrieves a resource Mapping for a Policy identified by policyId and mappingId

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
mappingId
required
string

id of the policy resource Mapping

Example: maplr2rLjZ6NsGn1P0g3
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/policies/{policyId}/mappings/{mappingId}
Request samples
Response samples
application/json
{
  • "id": "string",
  • "_links": {
    • "self": {
      },
    • "application": {
      }
    }
}

Delete a policy resource Mapping
OAuth 2.0: okta.policies.manage

Deletes the resource Mapping for a Policy identified by policyId and mappingId

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
mappingId
required
string

id of the policy resource Mapping

Example: maplr2rLjZ6NsGn1P0g3
Responses
204

No Content

403

Forbidden

404

Not Found

429

Too Many Requests

delete/api/v1/policies/{policyId}/mappings/{mappingId}
Request samples
Response samples
application/json
{
  • "errorCode": "E0000006",
  • "errorSummary": "You do not have permission to perform the requested action",
  • "errorLink": "E0000006",
  • "errorId": "sampleNUSD_8fdkFd8fs8SDBK",
  • "errorCauses": [ ]
}

List all Policy Rules
OAuth 2.0: okta.policies.read

Lists all policy rules

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Responses
200

Success

403

Forbidden

404

Not Found

429

Too Many Requests

get/api/v1/policies/{policyId}/rules
Request samples
Response samples
application/json
[
  • {
    • "created": "2019-08-24T14:15:22Z",
    • "id": "string",
    • "lastUpdated": "2019-08-24T14:15:22Z",
    • "name": "string",
    • "priority": 0,
    • "status": "ACTIVE",
    • "system": false,
    • "type": "ACCESS_POLICY"
    }
]

Create a Policy Rule
OAuth 2.0: okta.policies.manage

Creates a policy rule

Request
path Parameters
policyId
required
string

id of the Policy

Example: 00plrilJ7jZ66Gn0X0g3
Request Body schema: application/json
id
string
name
string
priority
integer
status
string (LifecycleStatus)
Enum: "ACTIVE" "INACTIVE"
system
boolean
Default: false
type
string (PolicyRuleType)
object (AccessPolicyRuleActions)
object (AccessPolicyRuleApplicationSignOn)
access
string
object (VerificationMethod)
object (AccessPolicyRuleConditions)
object (AppAndInstancePolicyRuleCondition)
Array of objects (AppAndInstanceConditionEvaluatorAppOrInstance)
Array of objects (AppAndInstanceConditionEvaluatorAppOrInstance)
object (AppInstancePolicyRuleCondition)
exclude
Array of strings
include
Array of strings
object (PolicyRuleAuthContextCondition)
authType
string (PolicyRuleAuthContextType)
Enum: "ANY" "RADIUS"
object (PasswordPolicyAuthenticationProviderCondition)
include
Array of strings
provider
string (PasswordPolicyAuthenticationProviderType)
Enum: "ACTIVE_DIRECTORY" "ANY" "LDAP" "OKTA"
object (BeforeScheduledActionPolicyRuleCondition)
object