On APM, you can develop per-request policies with subroutines that perform
different levels of authentication, federated identity management, SSO (single sign on), and MFA
(multi-factor authentication) depending on the requirements. Subroutines perform continuous
checking based on a specified duration or gating criteria. Policies can be as complex or as
simple as you need them to be to provide seamless yet secure access to resources. Refer to
Implementing Zero Trust with Per-Request Policies
for many examples of per-request
policies that implement different aspects of zero trust.