Create an IP Zone

Create an IP Zone that defines network perimeters around a set of IPs. An IP Zone is comprised of Gateway IPs and Proxy IPs.

Note

Note

Okta is focused on the adoption of inclusive language and communication. Some long-standing industry terminology and expressions have been updated as part of this initiative. In this topic, blacklist is now referred to as block list.

Consider this information when configuring an IP Zone:

  • When configuring an IP Zone, at least one gateway or proxy is required.
  • Selecting Block access from IPs matching conditions listed in this zone will cause all requests with an IP chain containing an IP within the zone to be blocked from accessing Okta.

  • Up to 1000 IPs, IP ranges, and/or CIDRs can be added to a single blocked zone, and up to 25,000 can be added across all IP Zones.

  • Up to 150 gateway IPs, IP ranges and/or CIDRs can be added as well as up to 150 proxy IPs, IP ranges and/or CIDRs can be added to a non-blocked zone.

Create an IP Zone

  1. In the Admin Console, go to Security > Networks.

  2. From the Add Zone dialog, select IP Zone.
  3. In the Zone Name, enter a name for the IP Zone.
  4. Optional. Select Block access from IPs matching conditions listed in this zone to prevent matching IPs from accessing Okta.
  5. Enter the Gateway IP addresses and Proxy IP addresses. Separate IPs and IP ranges with a new line or comma. Single IPs, IP ranges or CIDR notation can be added.
  6. Click Save.

Related topics

About IP Zones

About Network Zones

Add IPs to a Network Zone from the System Log