Create a Dynamic Zone

Create a Dynamic Zone that defines network perimeters for location, IP type, and ASN.



Okta is focused on the adoption of inclusive language and communication. Some long-standing industry terminology and expressions have been updated as part of this initiative. In this topic, blacklist is now referred to as block list.

To create a Dynamic Zone:

  1. From the Admin Console, navigate to Security > Networks.
  2. From the Add Zone drop-down, select Dynamic Zone.
  3. Enter a name for the zone.
  4. Add up to 75 locations.
  5. Define a proxy type, from Any, TorAnonymizer, or NotTorAnonymizer, or leave proxy unchecked to ignore any proxy.
  6. The accuracy of Tor proxy detection is dependent on a third party vendor, which is used to identify IP addresses that use Tor. The proxy type is only used to evaluate if a proxy is Tor or not. If a proxy is unchecked, it will simply not be evaluated.

  7. Add up to 75 ASNs separated by either a comma or new line.
  8. Optional: Select Block access from IPs matching conditions listed in this zone to prevent matching IPs from accessing Okta.
  9. Click Save.


Selecting Block access from IPs matching conditions listed in this zone will cause all requests with an IP chain containing an IP matching the conditions of the zone to be blocked from accessing Okta.

Related topics

Define geolocation for a Dynamic Zone

Define IP Types for a Dynamic Zone

Define a Network Zone for IWA