IP Allow List

You can specify which IP addresses are allowed to access the site. This applies to all users and API calls, including integrations.

  1. Navigate to Admin > IP Allow List
  2. In the Allowed IP Address List field, add all the public IP addresses of users and integrations connecting via our API for which you have made keys for to allow them access to Syncro.
    a. Note: IPv4, IPv6 addresses are both supported, including the use of CIDR
  3. Enable the feature
  4. Click Save

If a user attempts to access Syncro after this feature is enabled and their IP address is not on the IP allow list, they will not be able to access any aspect of Syncro. Users will be presented with this screen:

When this happens, all global admins within the organization will receive an email notifying them of this attempt. This email will also contain a button that, when pressed, adds the IP address that was blocked onto the allow list.


Team Plan Users

If you are using either Azure AD Sync or Database Backup, you must add to your allow list. The IP addresses of Azure AD or the Database to which you are backing up do not need to be added to the IP Allow List.


Q: What happens if I accidentally forgot to add the IP addresses of all global admins?

A: Although global admins would be temporarily locked out, once they try to log in, all global admins will still receive the email that an IP address has been unable to log in. When they press the approve button in the email, they will be taken to Syncro. Once they log in, their IP address will be added. This process will prevent admins from locking themselves out.

Vendor IP Resources

4 posts were split to a new topic: Limit global admin access to IP addresses