2 docs tagged with "access-control"

Policies are reusable decisions in authentik. They let you control whether a user can access an application, whether a stage in a flow should run, whether a source can be used, or whether data entered in a prompt stage is valid.

For a high-level overview of the available policy types, see Policies. This page focuses on the mechanics: where policies are attached, how bindings work, and how authentik evaluates multiple results.