Authorize IP Addresses to Limit Account Access
We all know the metaphor — the internet allows computers to talk to each other, using IP addresses to identify where the call is coming from. Well, in this case, customers can ensure that the call is indeed coming from inside the house!
Utilizing an IP Access List, customers can provide which IP addresses are allowed to reach the application (API & UI), blocking all other external traffic. Static IP addresses, and IP ranges can be provided in cidr format -- typically, this information is managed by the customer's organization's IT staff.
Activating IP Access List
To get started with an IP access list on the account, please have an account admin reach out to [email protected] to request to turn on this feature for the entire account. This request should be accompanied by a list of IP addresses to include on the access list, including an IP range.
Future modifications to the IP Access List can be communicated to the OP Customer Success team from the account admin.
Protecting the Account
Once enabled, when an authorized user accesses the platform — either after logging into the application via pi.ompnt.com, or customer's connecting via the API using a token — then their IP address will be checked against the provided IP addresses.
If the IP address is included in the access list, then normal operations continue. Otherwise unauthorized IP addresses will see an error message (API) or be greeted by OP's bouncer.