Guides
Secure Access Help Center

Network Authentication for Zero Trust Access

In addition to any other authentication requirements you configure, you can require end users to re-authenticate themselves at an interval that you choose before they can connect to private resources using Zero Trust Access.

End users need to sign in only once during the interval you specify; after signing in, users can connect to any private resources that are enabled for Zero Trust Access, when rules allow access. When the interval ends, users must sign in again to regain Zero Trust Access to allowed private resources for the specified period of time.

iOS devices do not support this feature. You must disable this feature in access rules that will apply to iOS users, or users of iOS devices will be unable to access resources. Users of iOS devices will not be able to re-authenticate after initial authentication.

You will want to balance security needs with end-user convenience. For example, for some applications, you may want to require that users re-authenticate daily, while for others, once a week may be enough.

The interval specified on the Rule Defaults page is used by default for all new private access rules. To set or change the default interval, see Important Information About Changing Rule Defaults and Edit Rule Defaults and Global Settings.

For each private access rule that includes at least one private resource as a destination, you can choose to use the default interval or specify a different interval. See Add a Private Access Rule.

These authentication options are in addition to any sign-in requirements required by mechanisms outside of Secure Access, such as those required to access individual resources. The User Authentication Interval setting is unrelated to device enrollment in Zero Trust Access, including enrollment renewal.

If you disable this authentication option, users are never prompted to sign in again after they have authenticated once.

Comparison of Client-Based and Browser-Based Zero Trust Access Connections< Network Authentication for Zero Trust Access > Manage the Access Policy

Updated about 2 months ago