Supported editions for this feature: Frontline Standard and Frontline Plus; Enterprise Standard and Enterprise Plus; Education Standard and Education Plus; Enterprise Essentials Plus; Cloud Identity Premium. Compare your edition
As an administrator, you can use a default Context-Aware Access policy to enhance security for SAML apps. Your default policy serves as a backup when SAML apps don't have a Context-Aware Access policy applied.
What if an app already has a Context-Aware Access policy?
If a SAML app has its own Context-Aware Access policy, that policy is applied. Your default policy only applies if the app has no specific Context-Aware Access policy.
Apply a default Context-Aware Access policy for SAML apps
Before you begin: If needed, learn how to apply the setting to a department or group.
-
In the Google Admin console, go to Menu
Security
Access and data control
Context-Aware Access.Requires the Data security access level and rule management privileges and the Admin API groups and users read privileges.
- On the Context-Aware Access page, click General Settings.
-
(Optional) To apply the setting only to some users, at the side, select an organizational unit (often used for departments) or configuration group (advanced).
Group settings override organizational units. Learn more
- Click Access levels for all SAML apps Edit Access
levels for all SAML apps.
- In the panel that opens, choose up to 10 access levels to apply as your default policy.
-
Click Save. Or, you might click Override for an organizational unit.
To later restore the inherited value, click Inherit (or Unset for a group).