---
title: "Creating and Managing Policies"
slug: "policies"
updated: 2026-04-15T06:49:22Z
published: 2026-04-29T10:55:15Z
---

# Creating and Managing Policies

## Creating a Policy

1. Log in to Britive.
2. Click on **System Admin** -> **Secret Management** -> **Britive Vault**.
3. Select the node where the policy needs to be created.
4. Click on the **Policies** tab. You can also select **Add Policy** from the overflow menu of a particular node.
5. Click on the **Add Policy** button to add a new policy and enter the following:
  - **General**
    - Enter the **Policy Name**.
    - Enter the description (optional).
    - **Access Type**: Select either **Allow** or **Deny**.
    - **Include all resources in the hierarchy below the resource path**?
  - **Members:**

    - **Users**: Click **Select Users** and add one or more members for this policy.
    - **Tags**: Click **Select Tags** and add one or more tags for this policy.
    - **Service identities**: Click **Select Service Identities** and add one or more service identities for this policy.
    - **AI identities**: Click **Select AI Identities** and add one or more AI identities for this policy.
    - **API tokens**: Click **Select API Tokens** and add one or more API tokens for this policy.
  - **Permissions**:
    - **Access Level**: The user gets access to the secrets based on the following:
      - View
      - Create, Edit
      - Manage
  - **Generic Conditions**:

    - IP based: Select this option to grant access based on IP addresses. Enter an IP address or a list of comma-separated IP addresses in the text box.
    - Time based: Select the **Start and End Date/Time** (**Date-time range**) or **Set Time Schedule** for applying the policy.
  - **Step-up Verification:**
    - Select **Yes** if step-up verification is required for this profile. If this option is selected, the user is prompted for input based on the configured MFA when viewing secret details. The step-up verification validity is configured in the step-up verification validity settings in the **Security** tab. For more information, see [Configuring Step-up Verification Validity](https://docs.britive.com/docs/mfa-settings#configuring-stepup-verification-validity).
    - Once step-up verification is enabled, you can choose (Yes/No) whether the previous successful verification can be used for subsequent viewing of secrets.
  - **Approvals**: Select whether the user needs approval to access a profile. Enter the following details if you select **Approval Required** as **Yes**:

    - **Notifications:** Select notification medium(s) using the **Add Notification** button. Notification mediums can be created beforehand in the **Admin** -> **Global Settings** section. For more details, see [Creating and Managing Notification Mediums](/v1/docs/notification-medium).
      - **Slack** or **Slack Application:**
        - (Optional) Specify the Slack Channel ID:
          1. To find the Slack Channel ID:
            1. Right-click on the Slack channel you want to use.
            2. Select **View Channel Details**.
            3. Scroll to the bottom to find the Channel ID.
          2. Click **Validate Channels** to validate the listed channels. Ensure you have integrated the Britive app with channels (private/public) before validating them. For more information about integrating the app, see [Configuring Slack App](https://docs.britive.com/docs/configuring-slack-app). Note: You can add only one Slack notification medium per policy.
      - **Teams Application:**
        1. (Optional) Specify the Team Name:
          1. To find the channels:
            1. Go to the Teams client.
            2. Select the Teams for which you want the list of channels.
            3. Click on **See all channels** to get the list of channels.
        2. Click **Validate Channels** to validate the listed channels.
    - **Manager Approval Settings:** Select Manager Approval if you want the requester's manager as an approver. You can select one of the following:
      - **Manager OR Approvers**: The manager or the approvers approve/reject the request.
      - **Manager AND Approvers**: The manager and approvers must approve/reject the request.
      - **Manager Only**: Only the requester's manager can approve/reject the request. You cannot select individual users or tags as approvers.
    - **Users:** Select the users from the list.
    - **Tags**: Select the tags from the list.
    - **Maximum time to Approve:** Enter the time in *Hours:Minutes* format. The approval request expires if it is not approved within the specified time.
    - **Approval Validity**: Enter the number of days or hours for access validity after the request is approved. Approval validity time must be between 1 and 30 days.
6. Click **Save and Enable** after all the configuration is done.

## Managing Policies

You can edit/enable/disable/delete a policy.

1. Log in to Britive.
2. Click on **System Admin** -> **Secret Management** -> **Britive Vault**.
3. Click on the **Policies** tab.
4. Select the action for the policy to be managed.
  - **Manage Policy**: You can edit some parts of the policy after creating a policy. You can edit the secret name, description, and secret details based on the selected secret template.
  - **Enable/Disable Policy**: You can enable or disable a particular policy created by you.
  - **Delete**: Delete any policy created by you. A user cannot delete predefined policies.
