When an end-user is denied access to an application due to any risk detected by the EAA device posture service that violates any device posture based ACL rules for an application, you are redirected to the Device Posture Remediation page, which can be customized for your organization.

For Clientless applications, the remediation page is shown by the Identity Provider when the device posture based ACL fails.

For Cliented applications, the device posture remediation message is shown in the GPA Client (version 7.2 or higher) in the NOTIFICATIONS section.

Customize Device Posture Remediation Page

1. Log in to Enterprise Center.

2. In the Enterprise Center navigation menu, select Application Access > Identity & Users > Identity Providers.

3. Select the identity provider for which you want to customize the Device Posture Remediation page.

4. Click Login Portal.

5. Click the Device Posture tab. The default format and style for the Device Posture Remediation page is shown.

You can customize these sections of the Device Posture Remediation page:

6. To customize the email, phone, or ticket URL, go the the Settings tab, Support section and provide the details:

7. To customize the Device Posture Remediation page title, and what actions the end-user must take after the device posture error occurs, like contacting IT department, support department, or any other custom department within your organization, provide the details in the Texts tab:

Click Add language (+ symbol) and select a language. (default in English). Configure these settings:

a. Device Posture Access Denied Title. Add a custom title for your Device Posture Access Denied Page. (indicated in yellow)
b. Device Posture User Message. Add a custom message you want the end-user to see and take any actions like contacting a specific department in your organization to get the issue resolved. (indicated in red)
c. Click Save, to save the changes.

For example, the Device Posture Access Denied Title, Device Posture User Message as configured as:

This would appear in the Device Posture Remediation Message as:

8. Click Save and Deploy, to save and deploy the identity provider (IdP).

The custom device posture remediation page is configured.

For a Clientless Application when device posture based ACL fails, the end-user is redirected to the Device Posture Remediation page by the Identity Provider.

For a Cliented Application when device posture based ACL fails, the device posture remediation is seen on the GPA Client > Notifications. Click on any Device Posture Notification and you can see the details of the Device Posture Error.