UID - Manage security policies

Access to UID is controlled by UID security policies. 

Once you've created a workspace and installed the UID Agent application on your UniFi OS Console, a default security policy with rules will be generated automatically and applies to all workspace users. The default policy cannot be modified. You can also create custom security policies for your workspace. 

This article describes how to create sign-on and password policies on the UID Agent application and create rules for each policy.

Note: Only the workspace Owner or Super Admins can create security policies and their associated rules.

How security policies and their associated rules work

There are two kinds of security policies:

  • Sign-on policy: Controls how users can access UID.
  • Password policy: Determines the users' password complexity, password validity period, password lock, and account recovery.

Each policy needs to have certain rules assigned that include the conditions when the policy is applied. The policies and the associated rules work in the following manner:

  • When a policy is matched, the conditions of the policy are combined with the conditions in the associated rules.
  • When all conditions are met, the rules will be applied.
  • A policy without rules will not be applied.

Create a sign-on policy and rule

To add a sign-on policy and rule:

  1. Log in to the UID Admin Portal and go to the Security section.
  2. Expand the UID Sign-on Policy section and click Add UID Sign-on Policy.


  3. Enter the information for the sign-on policy:
    1. Enter the policy name and description.
    2. Click on the Valid Date drop-down field to set a valid duration for the policy.


    3. Click the button to apply the policy to specify groups, roles, or users.


  4. Enter the sign-on policy rules.


You will be directed back to the Security Policy section and your new sign-on policy will be visible there. The new policy and its associated rules are in effect on the next users' log in.

Create a password policy and rule

Note: In the default password policy, you can only edit the password settings and account recovery.

To add a password policy and rule:

  1. Log in to the UID Admin Portal and go to the Security section.
  2. Expand the Password Policy section and click Add UID Password Policy.
  3. Enter the information for the password policy.
  4. Select the password settings in the Settings section by following the instructions on-screen.


  5. Enter the password policy rules and click Save to complete the sign-on policy creating process.


Edit and delete a policy

To edit the policy, click on the specific policy, edit the necessary information, and click Save to apply the new settings. 

To modify the policy or rule priority, click and drag the policy or rule to make its priority higher or lower. The higher priority will be matched first. 

Note: The default policy and rules have the lowest priority, and they cannot be modified.


To delete a policy or rule, hover over the policy or rule, click Delete, and then click OK to confirm.


Was this article helpful?
4 out of 7 found this helpful