Click Devices > Identity Servers > Brokering.
Click the existing or newly created Brokering Group.
Click Rules and specify the following details:
Name: Displays the rule name of the brokering group.
Enabled: Displays the status of the brokering group rule.
Identity Providers: Displays the number of identity providers configured to the brokering group.
Service Providers: Displays the number of service providers configured to the brokering group.
Priority: Displays the brokering group rule priority number.
Actions: Displays the configured brokering group rule action status as permit or deny.
Role Conditions: Displays the brokering group role condition, such as manager and employee, configured on the rule page.
Click OK > Apply.
Click Devices > Identity Servers > Brokering.
Click the existing or newly created Brokering Group hyperlink.
Click Rules.
Rule Name: Specify the name of the rule.
Rule Priority: Select the rule priority from the list.
NOTE:The default rule specified during creation of the group has a priority of 1. Additional rules can be added, and existing rules can be deleted or modified. You can use the Edit Rules Page to modify the priority of the rules.
Origin IDP: Displays all Identity Servers that are available in the group.
Allowed SP: Displays all service providers that are available in the group.
Role Conditions: Displays the brokering group role condition such as manager and employee configured on the rule page.
Actions: Select Permit or Deny action for the rule you configure to the brokering group.
NOTE:By default, Access Manager allows any role. If you want to allow access to only particular roles, configure a permit condition for roles with higher priority and configure a deny condition in which no roles are defined with lower priority.
Click Finish to complete configuration of rules for the brokering group.
Click Devices > Identity Servers > Edit > Brokering > (Brokering Group in the Brokering Group list) > Rules.
Select the brokering group rule you want to delete, and click Delete.
Click OK.
Click Devices > Identity Servers > Edit > Brokering > (Brokering Group in the Brokering Group list) > Rules.
Select the brokering group rule you want to enable.
Click Enable.
Click Devices > Identity Servers > Edit > Brokering > (Brokering Group in the Brokering Group list) > Rules.
Select the brokering group you want to disable from the brokering group rule configuration.
Click Disable.
Click Devices > Identity Servers > Edit > Brokering.
Click the existing or newly created brokering group.
Click Rules.
Click the Brokering Rules hyperlink to edit the information.
You can edit all fields. For information about create brokering rule, see Creating a Brokering Rule