Add a Risk-Based Authentication Message Policy
The risk-based authentication (RBA) message policy defines the message that users see when they are prompted to configure their identity confirmation method. You can create multiple RBA message policies, for example, one for each security domain. This policy applies to all users in the security domain.
In a replicated deployment, changes to policies might not be immediately visible on the replica instance. This delay is due to the cache refresh interval. Changes should replicate within 10 minutes. To make changes take effect sooner on the replica instance, see Flush the Cache.
Procedure
In the Security Console, click Authentication > Policies > RBA Message Policies > Add New.
Under RBA Message Policy Basics, do the following:
In the RBA Message Policy Name field, enter a unique name that does not exceed 128 characters.
(Optional) To set this policy as the default policy, select Set as the default RBA Message Policy.
(Optional) In the Notes field, enter any notes.
Under Message Confirmation, review the message in the Message Text field, and customize the message if necessary.
Click Save.
Related Concepts
Related Articles
RSA SecurID Software Token 2.4 for iOS Quick Start (Portuguese) Number of Views Edit an Authentication Agent Number of Views Session Lifetime Limits Number of Views Update System Date and Time Settings Number of Views Test Access to Cloud Access Service Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
