1. Optional Features
  2. Security
  3. IP Restriction

IP Restriction

Specify which IP addresses are authorized to access your OpenAir account. This includes access to your OpenAir account using the OpenAir UI, the OpenAir API, or any client application utilizing the API to exchange information with your OpenAir account.

This optional feature lets you store authorized IP addresses on the employee record for each user. You can allow single IP addresses or network ranges, using an explicit range or subnet mask. The IP Restriction feature may be used to ensure users can only access your OpenAir account if they are connected to your company's physical network or VPN, for example.

Feature Extensions

  • IP Restriction Check for IP Change — You can extend the IP Restriction feature to check for IP address changes with every API request. In this case, if the IP address of the authenticated user's device changes and the new IP address is not in the IP address allowlist for this user, API requests return an error, and client applications utilizing the API can no longer exchange information with your OpenAir account. If the client applications utilizes the OAuth 2.0 authorization framework to connect to OpenAir, the OAuth 2.0 access and refresh tokens become invalid.

    If the IP address of the authenticated user's device changes and the new IP address is not in the IP address allowlist for this user, the user can continue using the OpenAir UI normally until the user signs out or the session times out. This is true whether the user is accessing the OpenAir UI as a standalone application, or within NetSuite using the Single Sign-On integration feature.

Note:

Client applications utilizing OpenAir API include:

  • OpenAir Mobile.

  • Other add-on services supplied by OpenAir (Integration Manager, Exchange Integration Manager, Projects Connector, Outlook Connector, OffLine).

  • Any bespoke integration utilizing the REST API, SOAP API, or XML API.

To enable this feature the IP Restriction or the IP Restriction Check for IP Change, contact OpenAir Customer Support. Additional setup is required for the IP restriction feature — for more information, see Security.