Under Security → Authentication → Sign On I can create several Okta Sign-on Policies. I can change the order of these policies by dragging them up and down. If a user logging in matches multiple policies and the policies enforce conflicting rules. For example, if the first policy in the list has “Session expires after” set to 30 minutes but the second policy in the list has “Session expires after” set to 60 minutes, if a user logs in and matches both policies, how long will their session last?
Is there ever a scenario where behavior from both policies would be enforced or is it always one policy that gets enforced?