Ask AI
All Categories
Evo Portal
Policies Page

Policies Page

Last updated on March 10, 2026

Policies

Policies provides a flexible way to control behavior across your environment.

Instead of managing many separate settings, Policies organizes configuration into reusable components that can be applied at different levels (environment, tenant, group, user, etc.).

Policy Creation

To find Policies Navigate to Evo Admin → Policies

Notion image

Hit New+ on the top right to create your new Policy

Notion image

From here you can name your Policy and then start adding settings

Notion image
Notion image

Once you’ve named your Policy and have chose your Policy settings you can then Create your Policy

Notion image

After Created you can now assign your Policy a scope.

Notion image
 

When applying a Policy there are 5 Categories of Scopes available

  • All
  • Tenant
  • Group
  • User
  • Endpoint ( Coming Soon! )
 
Notion image

Policies Overview

Policies is built around five key components:

  • Policies
  • Policy Groups
  • Policy Settings
  • Scopes
  • Entity Inspector

Together, these allow you to create a baseline configuration and apply more specific rules where needed.

Policy

What is a Policy?

A Policy is a collection of configuration settings that define how the platform should behave.

Important Notes

  • Creating a policy does not apply it automatically.
  • A policy only becomes active when it is assigned to a scope or included in a policy group that is assigned.

Best Practice

Create policies with a clear purpose, such as:

  • Default environment configuration
  • Tenant-specific rules
  • Group-based requirements
  • User-specific exceptions

Policy Groups

What is a Policy Group?

A Policy Group is a collection of policies that can be assigned together.

This helps keep policies organized and reusable.

Why Use Policy Groups?

Instead of creating one large policy, you can:

  • Break configuration into smaller focused policies
  • Combine them using a policy group

Policy Order

Policies inside a group have an evaluation order.

If two policies contain conflicting settings:

  • The policy with higher priority in the group order wins

Policy Settings

What are Policy Settings?

Policy Settings are the individual controls inside a policy that determine how the platform behaves.

For example, settings may control things like:

  • Authentication behavior
  • User security requirements
  • Portal configuration
  • Endpoint behavior (when endpoint features are enabled)
Notion image

How Settings Work

All settings come from a built-in settings catalog within the platform. This ensures every setting:

  • Accepts the correct type of value
  • Can only be applied at supported scopes
  • Is validated automatically

This helps prevent invalid configurations and ensures consistent behavior across environments.

Scopes

What are Scopes?

Scopes define where a policy applies.

Policies can be assigned to different levels of your environment.

Supported Scopes

Scope
Description
Environment
Global baseline configuration
Tenant
Applies to a specific tenant
Group
Applies to a user group
User
Applies to an individual user
Endpoint
Applies to a specific device

How Scopes Work

Scopes allow you to create:

  • Broad defaults (environment level)
  • Tenant overrides
  • Group or user exceptions
  • Device-specific controls

Assigning Policies

Policies only take effect when they are assigned to a scope.

Assignments can target:

  • A specific tenant
  • A specific group
  • A specific user
  • A specific endpoint
  • The default environment policy

This allows the same policy to be reused across multiple targets.

Note: A single policy can be assigned to multiple scopes. For example, a policy may be applied to multiple users, or to a combination of scopes such as a user and a group.

Entity Inspector

What is the Entity Inspector?

The Entity Inspector determines the final effective configuration for a specific user, device, or entity.

It evaluates all policies that apply across different scopes.

Evaluation Order

Policies are processed from broadest to most specific:

  1. Environment
  1. Tenant
  1. Group
  1. User
  1. Endpoint

How Policy Evaluation Works

The Entity Inspector evaluates policies from the broadest scope to the most specific.

This means the system first applies policies at the environment level, then continues through more targeted scopes such as tenant, group, user, and endpoint.

At each step, a more specific scope can refine or override settings applied by broader scopes. This allows you to define a global baseline while still supporting targeted exceptions when needed.

Policy Hierarchy

The Policy Hierarchy page provides a structured view of how policies and policy groups are assigned across your environment.

What the Policy Hierarchy Shows

The hierarchy displays:

  • Policies and policy groups directly assigned to each scope
  • Scopes that inherit configuration from higher levels
  • A tree view of assignments, starting from the default environment policy and moving to more specific scopes

Why It’s Useful

The Policy Hierarchy helps partners:

  • Quickly understand where policies are applied
  • Identify exceptions or overrides
  • See inherited behavior across scopes

It is especially useful when used alongside the Entity Inspector, which shows the final effective configuration for a specific entity.

Role-based Access Control for Policies

Policies uses role-based access control (RBAC) to determine who can view or manage policies.

These Roles can be assigned under Evo Admin → Permissions → Roles → Your Specific Role Group → Policies

Notion image

Policy Admin

The Administer Global Policies role provides full administrative access to Policies. Users with this role can create, edit, assign, and manage policies and policy groups across the environment.

Policy View

The Policy View role provides read-only access to Policies. Users can view policies, assignments, and policy details but cannot make changes.

Administer Global Policy

Notion image

The Administer Global Policy role allows a user to modify the default environment policy, which serves as the global baseline for the environment.

This permission is separate because changes to the default policy can affect the entire environment.

How Everything Works Together

  1. The portal defines available settings
  1. Policies configure those settings
  1. Policy Groups bundle related policies
  1. Policies or groups are assigned to scopes
  1. The Entity Inspector evaluates all applicable policies and determines the final result

Best Practices for Partners

Start with a Baseline

Use the default environment policy to define global behavior.

Add Overrides Carefully

Use tenant, group, or user policies only when needed.

Keep Policies Focused

Smaller, purpose-driven policies are easier to manage.

Use Policy Groups for Reuse

If multiple policies should always be applied together, create a policy group.

Use Specific Scopes Sparingly

Too many narrow exceptions can make environments harder to manage.

 
 
Did this answer your question?
😞
😐
🤩
Welcome to the Evo Portal! Deployment Tokens