OCI IAM Sign On Policy for CX Sales administrators

Summary:

We want to create a separate sign-on policy for a small set of integration users (around five) that require administrator-level access. At the moment, these users fall under the default sign-on policy, which enforces password expiration. As a result, the user accounts are occasionally disabled when passwords expire, causing disruptions to integrations.

Instead of excluding these users from the default policy, we want to explicitly assign a dedicated sign-on policy to them. Should I create a dedicated group for this? How and where should I do this if that is the case?