Introduction
Administrators can control access to the Solution via a list of authorized IPs. Once the feature is activated, only users in the organization who log in with one of the specified IPs will be able to access Piano Analytics.
Note
This feature is only available to the organization's administrators, excluding delegated administrators.
Application scope
By default, there are no IP address restrictions for access to the Piano Analytics solution. The organization's administrator has the option of limiting access by expressly declaring the permitted IP addresses in the form of rules.
One rule applies to the entire organization:
- Access to the Piano Analytics solution and API Data calls are restricted according to the rules defined by the administrators
- All Piano Analytics suite products are affected by the application of the rules
Note
SSO user access is also subject to this rule.
Creating a rule
Authorizations are configured in the "Access Management" application, then in the Security > Permitted IP addresses submenu.
Administrators can declare IP addresses in three IP/CIDR/RANGE formats:
- IP: in the following format: 192.0.2.1
- CIDR: IP address grouping in the following format: 192.0.2.0/24
- RANGE IP: range of IP addresses, in the following format: 192.0.2.1 - 192.0.2.255
Be careful!
The administrator must declare their own IP address (displayed in the interface) when creating the first rule: a check is made at the time of validation and a warning message appears if necessary.
Steps:
1. Choose the type of IP address
2. Declare the value(s)
3. Define a name for the rule
Be careful!
Only public IP addresses can be declared in a rule.
After being created, the rule appears in the list with:
- the type (IP/CIDR/RANGE)
- the value(s)
- the name of the rule
- the email of the administrator who created it
- the creation date
Once the permissions are activated, any user attempting to connect to the Piano Analytics solution or make an API Data call will be denied access (HTTP 403 error) if their IP address is not one of the permitted addresses.
Deleting a rule
A rule cannot be edited but can be deleted by clicking on the trash can icon in the listing table.