IP Whitelisting
IP-Based Access Controls for Console and API¶
The platform provides administrators with the ability to restrict access to the UI console and API endpoints by specifying allowed IP addresses or subnets. This capability enhances security by ensuring that only users connecting from approved network locations can access the organization and its associated resources.
Access Controls by User Type¶
-
Local and Automation Users:
The IP whitelisting feature built into the platform is primarily designed to control access for local and automation user accounts. By restricting access to known IPs, organizations can reduce the risk of unauthorized usage from untrusted networks. -
Identity Provider (IDP) Users:
For users authenticated via Identity Provider (IDP), it is recommended to leverage access control features offered by the IDP itself. These may include IP restrictions, device trust, and geofencing, depending on the provider’s capabilities. This ensures that security policies are enforced consistently and centrally for federated users.
How to Configure IP Restrictions¶
- Sign in to the console and navigate to System → Settings.
- Enter the list of allowed IP addresses or CIDR subnets you wish to permit.
- Click Save to apply the access restrictions.
Once saved, only the specified IPs or ranges will be allowed to access the organization’s resources.
⚠️ Important: Any connection attempt from an IP address not included in the allow list will be denied access, both at the UI and API levels.
Note: Only users with the Org Admin role can configure these settings.
This feature is disabled by default for all organizations. To enable it, please contact Customer Support.