Subscribe

UiPath Automation Cloud™

UiPath Automation Cloud™ Guide

For information about the current status of Automation Cloud and our cloud services, see the Status page.

Restricting access by IP

This feature is only available if you are on the Enterprise licensing plan.

 

📘

Private preview

This feature is currently in private preview and is only available if you signed up for the private preview program at https://insider.uipath.com.

 

If you want to secure access to your organization and only allow users that are within your corporate network to access it, you can specify the IP addresses you want to allow and we block all other traffic.

761761

 

Before you begin


Prerequisites

To use this security option you need domain expertise on your corporate network and IP ranges.

Incompatibility

While IP restriction is enabled, you cannot use:

Scope

The IP restriction impacts:

  • Your users who sign in through the user interface
  • Your programs and automations that use the platform APIs or the APIs of your UiPath services.

If the agent - user or program - does not have one of the trusted IPs, after you enforce IP restriction, they cannot interact with your organization, all its tenants, their services, or related APIs.

Supported IP addresses

  • You can define trusted IP ranges for addresses of the types IPv4 or IPv6.
  • You cannot use the Classless Inter-Domain Routing (CIDR) IP format.
  • You cannot define trusted IP ranges for private addresses.

Testing environment

We strongly recommend performing this configuration and testing it in a non-production environment before applying the configuration in production to avoid disruptions to your users and your automation projects.

 

Configuring trusted IP ranges


If your private network uses a known series of IP addresses, you can add them in Security Settings to only allow users from those addresses to access your organization.

  1. Go to Admin > Security Settings.
  2. Along the top, select the IP Restriction tab:
985985
  1. Add a range of IP addresses as a trusted IP range:
    a. Click Add trusted IP range. The Add trusted IP range panel opens at the right of the window.
    b. Fill in the Name field with a suggestive name for this range.
    c. Fill in the IP range start field with the first address in the range. This can be an IPv4 or IPv6 address, but Classless Inter-Domain Routing (CIDR) format is not allowed.
    d. Fill in the IP range end field with the last address in the range.
    Users who have an IP that is the start address, end address, or any address in between will be able to access your organization. Users with any other address will not.
    Your current IP is shown at the bottom so that you make sure it is included in a range you define, otherwise you won't be able to enable IP restriction. This is because if your IP address is not included in a trusted range, enabling IP restriction would lock you out.
    e. Click Add at the bottom of the panel.
    The panel closes and the range is displayed on the page.
  2. Repeat the above step to add as many ranges as you need.
  3. After you have added all of the IP ranges, on the right, under Enforcement type, select Allow only trusted IPs.
  4. In the confirmation dialog, click Confirm to enable IP restriction.

Now, only users and programs who have an IP that was declared in one of the trusted IP ranges can access your organization. If they are not, they see an Access forbidden message when trying to access the organization.

 

Adding trusted IP ranges


To add a new range of IPs as trusted:

  1. Go to Admin > Security Settings > IP Restriction.
  2. Click Add trusted IP range.
  3. Fill in the details.
  4. Click Add.

If IP restriction is enforced (Allow only trusted IPs is selected under Enforcement type): The new range is added to the page and agents that use any of the IPs in this range can now access your organization.
If IP restriction is not enforced (Allow all IPs is selected under Enforcement type): The new range is added, but access is allowed from any IP until you enforce IP restriction by selecting Allow only trusted IPs under Enforcement type.

Updated 2 months ago


Restricting access by IP


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.