Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

SAS PCE documentation
- Explore Thales Docs

SAS PCE
Agents
MobilePASS+
SafeNet Access Exchange
BSIDCA API
- BSIDCA endpoints
- BSIDCA custom attributes
Integrations
Account management
Release Notes

All

All

Access and Risk Management

Configuring an access policy to secure an application

Please Note:

SafeNet Access Exchange
Install SafeNet Access Exchange
- Podman
- Docker
System Requirements
Configuration
- Realm creation and authentication flow
- User Federation Setup
- Customization
- Integrations using SafeNet Access Exchange
- Logging in SafeNet Access Exchange
- Additional Configuration
  - Managing OpenID Connect and SAML Clients
  - Assigning permissions using roles and groups
  - Managing Users
  - Managing user sessions
  - Configuring auditing to track events
  - Configuring realms
  - Configuring Authentication
  - Integrating identity providers
  - Using external storage
- StepUp Authentication using SafeNet Access Exchange
- Access and Risk Management
  - Configuring an access policy to secure an application
Testing the End User Login Flow
Integrations
- SAS PCE for Salesforce
  - Prerequisites
  - Identity Provider (SafeNet Access Exchange) Setup
  - Salesforce Configuration
  - Verify Authentication
- SAS PCE for Kintone Application (SAML)
  - Prerequisites
  - Kintone Setup
  - Identity Provider (SafeNet Access Exchange) setup
  - Verify Authentication
- SAS PCE for Non-SAML/OIDC Web Application
  - Prerequisites
  - Configure SafeNet App Gateway with SAS PCE
  - Test the Solution
- SAS PCE for Office365 Application (SAML)
  - Prerequisites
  - Identity Provider (SafeNet Access Exchange) Setup
  - Office 365 Setup
  - Verify Authentication
  - Appendix: Office 365 Access Continuity for SafeNet Trusted Access
- OAuth 2.0 Support with SafeNet Access Exchange
- SAS PCE as an External Authentication Method (EAM) in Microsoft Entra ID
  - Prerequisites
  - Identity Provider (SafeNet Access Exchange) Setup
  - Microsoft Entra ID Setup
  - Verify Authentication
  - Use Cases
  - Appendix - CBA for SAS PCE as Entra ID External Authentication Method (EAM)
- SAS PCE for PingFederate
  - Integrate SafeNet Access Exchange (SAE) with PingFederate - OIDC
  - Integrate SafeNet Access Exchange (SAE) with PingFederate - SAML
Troubleshooting

SAS PCE documentation
SafeNet Access Exchange
Configuration
Access and Risk Management
Configuring an access policy to secure an application

Configuring an access policy to secure an application

This section describes the workflow for configuring a policy.

To configure a policy.

Configure the settings.
Configure the resource.
Configure the regex policy.

In this example, the policy ensures that only users with an email ID of gmail are allowed to access Salesforce.
Configure the permission with policy and resource.
Try to login to Salesforce, which is configured as a client in SafeNet Access Exchange with a callback URL. You will be redirected to SafeNet Access Exchange (IDP) to login.
Enter your username.
Enter your passcode (password, GrIDSure, or any SAS token).
In this first example, the email ID is yahoo. Therefore, the access request is denied by the policy.
In this second example, the email ID is gmail. Therefore, access is granted by the policy.
The Salesforce resource opens.

On this page

SafeNet Authentication Service Private Cloud Edition

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Customer Release Notes
- Customer Support Portal
Legal

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com