[ZTA] Policies/Rules (Custom)

The advanced custom rule feature enables administrators to control access to applications by using the response from their own API call. Admins can create rules based on criteria that they define in custom rules. If users do not meet these criteria, their access is denied, which enhances the security of applications. This feature allows organizations to tailor access rules for critical applications, ensuring stronger protection.

To implement this feature, follow these two steps:

  1. Create the rule: Define the custom API rules.
  2. Apply the rule to the policy: Enforce the rule within the appropriate policy.

Create the Rule

  1. Navigate to Settings > ZTNA > Policies > Rules (Custom) > New Rules (Custom)
  2. Once clicked, the page expands to show all the options available for a custom rule.

    Configuring custom rules depends on your API usage and behavior. Make sure you know how your REST API behaves and what API response data to expect after calling the API URL.
  3. Input the rule name; it is mandatory and must be unique compared to other policies. There is also a status toggle that can be used to enable the rule.
  4. Choose the API method (GET or POST) and input your API URL.
  5. Insert headers for the API call by clicking the Add button. Multiple header keys and values are also supported.
  6. Choose the Authentication method (None, Basic, or OAuth) used to call the API.
  7. Choose the Verification method (JSON or JSONP, "JSON with Padding") used to call the API.
  8. Insert the API response data. You can choose between these types: String, Store response value, or Regex. Then insert the expected Key and Value.
  9. After completing all mandatory fields, click Save.
  10. The newly created rule will appear on the "Rules (Custom)" page.
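
Before saving a rule, it helps to check offline how your API's response would compare against the expected Key and Value. The following is an added example, not the product's own code: a hypothetical model of the String and Regex checks over a JSON or JSONP body, using constructed sample responses and assumed field names (`posture`, `device_id`), and denying on any parse failure.

```python
import json
import re

# Hypothetical model of a custom rule check; NOT the product's implementation.
# Matches "callback({...});" and captures what is inside the padding.
JSONP_RE = re.compile(r"^\s*[A-Za-z_$][\w$.]*\s*\((.*)\)\s*;?\s*$", re.DOTALL)

# Constructed sample API responses (field names are assumptions).
SAMPLE_JSON = '{"device_id": "LT-0042", "posture": "compliant"}'
SAMPLE_JSONP = 'callback({"device_id": "LT-0042", "posture": "non-compliant"});'


def parse_body(body, verification):
    """Parse the response as JSON, or as JSONP by stripping the padding first."""
    if verification == "JSONP":
        m = JSONP_RE.match(body)
        if not m:
            raise ValueError("response is not JSONP")
        body = m.group(1)
    return json.loads(body)


def evaluate(body, verification, match_type, key, expected):
    """Return True (allow) only when the response holds the expected key/value.

    Fails closed: a parse error, missing key, non-string value,
    unknown match type, or invalid pattern all return False (deny).
    """
    try:
        data = parse_body(body, verification)
        if not isinstance(data, dict) or key not in data:
            return False
        actual = data[key]
        if not isinstance(actual, str):
            return False  # assumption: only string values are compared
        if match_type == "String":
            return actual == expected
        if match_type == "Regex":
            # Whole-value match: a substring search for "compliant"
            # would also accept "non-compliant".
            return re.fullmatch(expected, actual) is not None
        return False
    except (ValueError, re.error):  # JSONDecodeError is a ValueError
        return False


if __name__ == "__main__":
    print(evaluate(SAMPLE_JSON, "JSON", "String", "posture", "compliant"))
    print(evaluate(SAMPLE_JSONP, "JSONP", "Regex", "posture", "compliant"))
```

Whether the product anchors Regex values is not stated on this page, so write patterns with explicit `^` and `$` when a partial match must not grant access.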

Apply the rule to the policy

  1. After creating an Advanced Rule (Custom), you can apply it in Conditions. Navigate to Settings > ZTNA > Policies > Conditions; the page expands to show all the options for a policy that can be used for application authorization. Fill out the condition name and the advanced rules that are used in this condition.
  2. Click Save.