Security Policies

You may have content that you want to make available online to only some users. You might want to do this on your member portal, an event microsite, or a Rhythm integrated website. Rhythm allows you to define security policies which have rules to identify just the users who should have access. For example, you might have a security policy for active members, members of a committee, certain organization types, or any other eligibility you define.

Once you have security policies defined, you can use them to restrict access to a page or menu item in a Rhythm portal or microsite. If you have integrated your website with Rhythm by following our Wordpress or SiteFinity guides, users will automatically be assigned roles based on the security policies in Rhythm that apply to them each time they log in.

This guide will explain how to create and test a security policy in the Rhythm console.

Getting Started

To start, log in to the Rhythm console and head over to the Portal & Microsites app.

To create a new Security Policy, click Create Security Policy or edit an existing Security Policy.

Eligibility

You have a wide range of options on how to segment your users and can create as many Security Policies as you would like. Next, let's give our policy a name. You can choose from variety of eligibility criteria such as location or age. You can see an example in this screenshot:

Special Operations

When Restrict to console users only is set to true, this security policy will only allow access to console users who are logged into the portal as an external user. This is helpful when you want to preview pages and menu items and see how they behave in the portal, without making those changes publicly available.

Event Permissions

These permissions only apply to event microsites. If you assign this policy to a page in a normal portal site, the permissions below will be ignored and only the criteria above will be used to determine if a visitor can access the page.

Customize Error

This message will popup in a window if a user tries to access a page that violates the security policy. Keep it brief!

Testing a security policy

Rhythm includes a tool to test your security policy to ensure it applies to the users you expect. Under the Eligibility Criteria, click Test this Eligibility Criteria. Here, you can search for any contact and press Check Eligibility to see if the security policy applies to the selected contact.