Creating a New Provisioning Rule

Prerequisites: To add a new provisioning rule, you must be assigned the Configure Settings permission in Administrator Account.

To create a new provisioning rule, follow the steps below:

  1. Sign in to Administration portal.

  2. Click Settings in the left navigation bar to open the Settings page.

  3. Click HID Approve Authentication Configuration on the Settings page, then you can see the list of HID Approve applications.

  4. From the list of HID Approve applications, choose a SDK App for which you want to add the provisioning rule.

    Expand the App and click on the arrow (>) of "Provisioning Rule" tile to open the Provisioning Rules list page.

  5. Click ADD RULE button, then add provisioning rules page opens.

  6. In the add provisioning rules page, provide the following parameters to create a provisioning rule.

    Note: To support Bio Class 2 as an allowance, please contact HID Global Technical Support team for guidance.
    Parameters Description
    Rule ID The auto-generated and sequentially created ID is based on the existing Rule ID.
    Operating system Select one of the Operating System (Android/iOS/macOS/Windows) from the drop-down list based on your requirement.
    Minimum/Maximum OS version

    Specify the minimum and maximum OS versions in order to apply the provisioning conditions allowed by the rule.

    Note:

    • If both the Minimum and Maximum OS Version fields are empty, then the rule applies to ALL versions.

    • If both the Minimum and Maximum OS Version fields have the same or equal value, then the OS version is set to that specific value.
    Outcome message

    The message will be shown to define the result of the rule based on the restrictions selected and/or specified Minimum/Maximum OS versions.

    You can customize the outcome message based on your requirement.

    Block Software Keystore

    (For Android/iOS only)

    		 Enable this option to restrict HID Approve activation only to devices with a hardware-backed keystore.

    Block Rooted Device

    (For Android only)

    		 Enable this option to prevent HID Approve activation on devices detected as Rooted. This ensures higher security standards by disallowing usage on potentially compromised devices.

    Block Jailbroken Device

    (For iOS only)

    		 Enable this option to prevent HID Approve activation on devices detected as Jailbroken. This ensures higher security standards by disallowing usage on potentially compromised devices.

    Allow Bio Class 2

    (For Android only)

    		 Enable this option to allow biometric authentication with Bio Class 2 devices. While convenient, this setting offers a lower security level compared to Bio Class 3.

  7. After entering the information, the SAVE button becomes enabled. Click SAVE.

  8. Successfully created rule will be added to the provisioning rules list.