<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Update the "AND User's group membership includes" Field in an Authentication Policy Rule via API
Mar 6, 2026
Administration
Okta Identity Engine
Overview

This article explains how to update the AND User's group membership includes field in an authentication policy rule via Application Programming Interface (API).

Before screenshot without group showing

Applies To
  • Okta Identity Engine (OIE)
  • Authentication Policy
  • Application Programming Interface (API)
Solution

  1. Create a PUT call in Postman to the following endpoint:

    <url>/api/v1/policies/<policyId>/rules/<ruleId>
  2. Enter the following JSON body to assign groups to the rule in the authentication policy: 
    {
"system": false,
"type": "ACCESS_POLICY",
"name": "<RULE_NAME>",
"conditions": {
"people": {
"groups": {
"include": [
"<group_id1>","<group_id2>","<group_id3>"
]
}
}
}
}




Postman call screenshot 


  1. Verify that the changes are reflected in the authentication policy rule.


Authentication policy screenshot 




Related References


Recommended content
Still looking for help?
Loading
Update the "AND User's group membership includes" Field in an Authentication Policy Rule via API