A per-session policy, also known as an access policy, can include authentication or not. The
policy can be as simple as Start-Allow, or it can be very complex.
A policy that runs for each request throughout a session. It must
include a call to the step-up authentication subroutine, and can include logic that determines
when to call the step-up authentication subroutine. Unless the gating criteria for the step-up
authentication subroutine is set to blank, or to a variable that gets populated automatically,
the per-request policy must contain an agent to populate the gating criteria.
Per-request policy subroutine
Part of a per-request policy in which you configure a type of authentication to use for
Per-request policy subroutine gating criteria setting
A setting that is blank or contains a perflow variable that specifies a
distinct value that represents a reason to run step-up authentication.