How Location-Based Access Works

Location-based access combines the registered IP addresses of the computers and public roles to control access to the application.

Scenarios

To understand how location-based access works, consider the following scenarios and their effect on user access.

To avoid any access-related issue, carefully examine the given scenarios and plan well before you enable location-based access.

Scenario

Impact on User Access

You disable location-based access.

All users signing into the application from their respective computers continue to have the same level of access as they had earlier.

You enable location-based access and register few IP addresses, but don't grant public access to any role.

  • Users who sign into the application from the registered IP addresses have access to their tasks as usual.

  • Users signing in from unregistered IP addresses can access only the generic tasks that aren't tied to any particular role.

You enable location-based access, register a few IP addresses, and grant public access to certain roles.

  • Users signing in from the registered IP addresses have complete access.

  • Users signing in from unregistered IP addresses can't access any role-based tasks unless you grant public access to those roles. If you have made a role public, users can access all the tasks tied to that role.

You enable location-based access, but don't register any valid IP address, and don't grant public access to any role.

All users are locked out. No one can sign in.

Caution: Try and avoid this scenario. Register at least one valid IP address and grant public access (access from all IP addresses) to IT Security Manager role when you enable location-based access.