Only the password authentication method is configured in the default policy rules. You must edit the policy rules to select the other authentication methods you configured and set the order in which the authentication methods are used for authentication.

When you use smart cards for authentication, the certificate's authentication method must be the first authentication method in the list. If not, smart card authentication fails.

Enable and configure the authentication methods that your organization supports. See Configuring User Authentication in VMware Identity Manager


In the administration console Identity & Access Management tab, select Manage > Policies.


Click the default access policy to edit.


To edit a policy rule, click the authentication method to edit in the Policy Rules, Authentication Method column.

The add a new policy rule, click the + icon.


If adding a new rule, select the network range for this policy and the device type that the rule manages.


To configure the authentication order, in the then the user must authenticate using the following method drop-down menu, select the authentication method to apply first.


All the authentication methods are listed in the drop-down menu, even if they are not enabled. Select only from the authentication methods that are enabled on the Connector > Auth Adapters page.


(Optional) To configure a fallback authentication method if the first authentication fails, select another enabled authentication method from the next drop-down menu.

You can add multiple fallback authentication methods to a rule.


Click Save and click Save again on the Policy page.