The account recovery context uses a policy to define how and when the account recovery can be established.

Administrators can view and modify this context and its associated policy by navigating to Multi-Provider SSO > Account Recovery > Account Recovery Context.

Note: By default the policy is Allow Policy. The Login for users are restricted by default and the login is allowed only if the conditions defined in Allow Policy evaluates to true.

Use the fields in the account recovery context record to define how your instance uses the policy.

Table 1. Account recovery context form
FieldDescription
Name Name of the policy context. This field is static and cannot be changed.
Description Description of the context
Default Policy Defines the default behavior of this context when evaluating the policy. Select from the following options:
  • Allow Policy
  • Deny Policy
Allow Policy This field appears only when the Default Policy field is set to Allow Policy.
Deny Policy This field appears only when the Default Policy field is set to Deny Policy.

Policy inputs and conditions

The Policy Input and Policy Conditions tabs display the inputs and conditions of the policy selected in the Allow Policy or Deny Policy field. These tabs serve as a reference, but cannot be used to change the policy inputs or conditions. To modify your policy settings, navigate to the policy using the Preview this record icon next to the Allow Policy or Deny Policy field.

Note: Policy conditions can be created from here, but as a good practise it is recommended to add new policy conditions from policy page.