Skip to main content

Manage IP addresses and allow listing in Passfort

When you enable allow listing, only requests from an IP address on your authorized list can sign into your account's portal and make calls to your API.

Add an IP address

To add an IP address:

  1. Sign in to the portal and go to User Management > IP allow listing.

    IP allow listing tab with no IP addresses listed.
  2. Select Add IP addresses. The Add IP addresses or ranges dialog is displayed.

    Add IP addresses or ranges dialog.
  3. In the Add IP addresses field, type the addresses and/or ranges to add to your allow list. Separate multiple addresses and ranges with a comma.

  4. Optionally, use the Description field to give the IP addresses and ranges a description. If you choose not to add a description, the description next to the address will be blank.

  5. Select Add. The addresses and ranges are added.

    IP allow listing page showing notification that the list is disabled.

Tip

Passfort supports classless inter-domain routing (CIDR) notation.

Edit an IP address description

To edit an IP address description:

  1. Sign in to the portal and go to User Management > IP allow listing.

  2. Select the Edit Pencil icon_no border icon next to the address or range description you want to edit.

    The Edit IP address dialog is displayed.

    Edit IP address dialog
  3. Modify the description.

  4. Select Save. The new description is displayed for the IP address or range.

Remove an IP address

To remove an IP address:

  1. Sign in to the portal and go to User Management > IP allow listing.

    IP allow listing page showing notification that the list is disabled.
  2. Select the Remove This is a bin icon. icon next to the IP address or range you want to remove.

    A confirmation dialog is displayed.

    Remove IP address confirmation dialog.
  3. Select Remove from the allow list. The IP address or range is removed.

Enable allow listing

To enable allow listing:

  1. Sign in to the portal and go to User Management > IP allow listing.

    When allow listing is disabled, a notification is displayed on the page.

    IP allow listing page showing notification that the list is disabled.
  2. Ensure you've added your own IP address to the allow list. Otherwise, when you enable allow listing, you'll no longer have access to your Passfort account.

  3. If you're using SSO, ensure you don't have Okta's allow listing feature enabled. Otherwise, both the Okta allow list and the Passfort allow list will apply for SSO logins, and unexpected behavior may occur.

  4. Select Enable IP allow list. A confirmation dialog is displayed.

    Enable IP allow list confirmation dialog.
  5. Select Enable IP allow list. Only requests from an IP address on your authorized list can sign into your account's portal and make calls to your API.

    Once you've enabled allow listing, any user signing in from an unauthorized IP address will see these errors:

    • Portal: You can't sign in from this IP address. Contact your administrator. If you're unsure who the administrator is, contact the Client Service team.

    • API: 403 Forbidden. You can't access Passfort from this IP address.

If you are locked out of your account, contact us and we'll help you regain access.

Disable IP allow listing

To disable allow listing:

  1. Sign in to the portal and go to User Management > IP allow listing.

    IP allow listing page showing IP addresses that have been allowed to access Passfort.
  2. Select Disable IP allow list. A confirmation dialog is displayed.

    Disable IP allow list confirmation dialog
  3. Select Disable IP allow list. A notification is displayed on the page to say that allow listing is now disabled. Users from any IP address can sign into the portal or make requests to your API.

Additional information