Risk-based access evaluates context to make dynamic authorization decisions. The same user with the same credentials might get different access based on circumstances:
- Logging in from a new location? Require MFA.
- Accessing sensitive data from an unmanaged device? Deny or limit.
- Behavior matching known attack patterns? Challenge or block.

Risk scoring combines signals: login location, device health, time of access, recent activity, threat intelligence. Higher risk scores trigger stronger authentication requirements or deny access entirely.
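
A minimal policy sketch of the scoring described above, added here as an example and not taken from any product or from the original text. The signal names, weights, thresholds, and the choice to score an uncollected signal as risky are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Illustrative weights and thresholds (assumptions; tune against your own data).
WEIGHTS = {
    "new_location": 30,
    "unmanaged_device": 25,
    "off_hours": 10,
    "recent_failed_logins": 20,
    "threat_intel_hit": 50,
}
MFA_THRESHOLD = 30
DENY_THRESHOLD = 70


@dataclass(frozen=True)
class AccessContext:
    # None means the signal could not be collected; it is scored as risky.
    new_location: Optional[bool] = False
    unmanaged_device: Optional[bool] = False
    off_hours: Optional[bool] = False
    recent_failed_logins: Optional[bool] = False
    threat_intel_hit: Optional[bool] = False
    sensitive_resource: bool = False


def risk_score(ctx: AccessContext) -> int:
    """Sum the weights of every signal that is set or unknown, capped at 100."""
    total = sum(w for name, w in WEIGHTS.items() if getattr(ctx, name) is not False)
    return min(total, 100)


def decide(ctx: AccessContext) -> str:
    """Map the request context to 'allow', 'mfa' or 'deny'."""
    score = risk_score(ctx)
    # Hard rule: sensitive data is never served to an unmanaged or unknown device.
    if ctx.sensitive_resource and ctx.unmanaged_device is not False:
        return "deny"
    if score >= DENY_THRESHOLD:
        return "deny"
    # Any residual risk on a sensitive resource forces a step-up challenge.
    if score >= MFA_THRESHOLD or (ctx.sensitive_resource and score > 0):
        return "mfa"
    return "allow"
```

The hard rule sits outside the score on purpose: a single disqualifying condition should not be outvoted by otherwise clean signals.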