Basic knowledge of the Ruby programming language is required in order to use this predicate.
Given a code expression, this predicate provides the current user context and runs that expression. If the execution returns
true then the predicate is met. In cases which return
false or produce runtime errors or if it takes longer than 100 milliseconds to evaluate, the predicate fails.
For example, the following code will simply check whether the authentication timestamp in UTC time is not between 8AM and 6PM:
Time.now.utc.hour < 8 or Time.now.utc.hour > 18
Or the following condition is met when the user browser IP address is within the
context.auth_request.ip_address === IPAddr.new('220.127.116.11/16')
We provide the user contextual information such as LOA score, location, network, etc. so that it can be used in order to develop the condition.
context variable is available with the same name in the code. For example
context.auth_request.ip_address returns the user IP address.
Here are the available context attributes:
|AuthRequest||Authentication Request Information|
|UserMobile||Information from user mobile app|
|MobileVsAuthRequestDistance||The distance between the user mobile device and the authenticating device e.g. browser|
|The user country1|
|The user public IP address|
|Authenticating device (e.g. browser) location latitude1|
|Authenticating device (e.g. browser) location longitude1|
|The groups the user is member of (Active Directory groups if your instance is integrated with it)|
|Current LOA score of the user based on the current situation|
|Current user unique identifier|
1 All the attributes based on geo-location require the end-user giving permission to track their location.
|User mobile device operating system|
|Running mobile application version|
|Mobile device location latitude|
|Mobile device location longitude|
|Mobile device IP address|
|Current user unique identifier sent from the mobile app|
|Distance in kilometers|
|Distance in meters|
|Distance in miles|
|Distance in feet|