Time based authentication (Time Fencing)

Time-Based Authentication (also called Time Fencing) is a feature in ZTrust that lets administrators control when users are allowed to log in.

Admins can define a time window (e.g., 9:00 AM to 6:00 PM), and users will only be allowed to log in during that window. Outside of the allowed time, login will be blocked.

This feature can be configured in two ways:

  • Realm-Level configuration : Applies to all users in the entire application.

  • Group-Level configuration : Applies the only user who is belong to specific assigned group

Key Points:

  • Restrict login access to defined time ranges.

  • Support for both realm-wide and group-specific configurations.

  • Group-level configuration overrides realm-level settings if both are defined.

Flow Configuration:

  1. Realm-Level Time Fencing :

    1. Login to ZTrust Admin Console

    2. Select the realm you want to configure

    3. Navigate to authentication section.

    4. Make a duplicate of browser flow.

    5. Provide appropriate name.

    6. Then click on + button and select add execution, select the feature like below

    7. Whole configuration need to be like this

    8. Click the configuration button next to the Time-Fencing step.

    9. Set the following configuration values :

      • Login Start Time(e.g., 10:00)

      • Login End Time(e.g., 18:00)

      • Time Zone(e.g., Asia/Kolkata)

      • Use 24-hour time format for both start and end times (HH:mm)

  2. Group-Level Time Fencing :

    1. Navigate to the group section in the ZTrust admin console.

    2. Create a new group or selected one.

    3. Inside the selected group, go to the attributes section.

    4. Add the Attributes as Login Start Time (login_start_time) and Login End Time (login_end_time).

    5. Go to the Members tab and add users to this group,(“These users will now be subject to the time fencing rules defined for the group.”)

    6. If a login attempt is made outside the permitted timeframe, the user will receive the following error:

      1. Access Denied: Your login attempt is outside the allowed timeframe. Please try again during permitted hours.

Last updated