Restricting domain and IP addresses for individual user accounts

User account admins can control access to login and signup by specifying which IP addresses are permitted or blocked.

After embedding the self-service portal, your users can enable an allowlist to permit only specific IPs or a denylist to block certain IPs while allowing all others.

Restricting IPs via the Self-Service Portal

You can restrict access to your application based on IP addresses. IP restrictions apply to sign-up and logging in, meaning users accessing from a blocked IP will be denied access.

Log in to your application and in the Admin Portal navigate to the Security tab.
Scroll down to the Restriction section and click Manage.
Enable IP Address Restriction by toggling the switch.
Click Add my IP to add your own IP address to the list.
Select a restriction method from the dropdown menu: Allow only or Deny only.
Enter a description for the IP address in the IP Description field.
Enter the IP address in the IP Address field.
Click Add.
To delete an IP address from the list, click the three dots next to the IP address you want to remove.
Click Delete.
Confirm the deletion by clicking Delete again.

Restricting Domains via the Self-Service Portal

To enhance security, you can restrict access based on domains. Domain restrictions apply to sign-up and invitation, meaning users with a blocked domain cannot register or be invited, but logged-in users remain unaffected.

Log in to your application and in the Admin Portal navigate to the Security tab.
Scroll down to the Restriction section and click Manage.
Click the Domain tab and enable Domain restriction by toggling the switch.
Select a restriction method from the dropdown menu: Allow only or Deny only.
Enter the domain you want to restrict in the list.
Click the green plus button to add the domain.
To delete a domain from the list, click the X icon next to the domain you want to remove.
To block all public domain emails, toggle the Block all public domain emails switch on.