When the Justification Policy is enabled, prior to the login / checkout process users will see a prompt for Justification only within the UI.
Note: If you directly invoke the login / checkout APIs scripts (not through the UI), justification is not applicable, regardless if the policy is enabled or not.
Justification policy enabled login flow example
The justification login flow occurs after any account action such as:
- Select / request account
- Enter account
- Use My Account
- Use account-name
The login flow also occurs after any login action from a system local account.
The justification login flow:
- A dialog box appears, prompting the user to enter a reason / justification with Continue and Cancel options.
Note: The Continue option is highlighted once the you enter the reason / justification text.
- Once Continue is selected, the dialog closes and the normal login flow continues.
The checkout flow occurs after any checkout action:
- A dialog box appears, prompting the user to enter a reason / justification with Continue and Cancel options.
Note: The Continue option is highlighted once the you enter the reason / justification text.
- Once Continue is selected, the dialog closes and the normal checkout flow continues.
Note: The justification dialog will happen prior to any MFA requirements.
Justification policy options
The prompt for justification occurs as follows:
- System Policy – Yes / no/ cancel prompt during interactive checkout and login operations.
- Account Policy - Yes / no/ cancel prompt for during interactive checkout operations.
- System Set Policy – Yes / no/ cancel prompt during interactive checkout and login operations.
- Account Set Policy - Yes / no/ cancel prompt during interactive checkout operation.
- Global System Policy – Checkbox prompt during interactive checkout and login operations.
- Global Account Policy - Checkbox prompt during interactive checkout operations on all accounts.
- Policy Summary - Shows the state of the policy and inheritance.
Doc Feedback