This document will cover the different options available to restrict access to your SuccessFactors instance based upon IP address
IP Restriction Management:
- This section applies only to the UI (API login is not influenced by this section).
- When you define a range of IP addresses in this section, only the defined IPs will be able to access the SuccessFactors instance via the UI / Front-end.
- If there is no IP addresses defined within this section, then any IP can access the UI and login (assuming they have the correct credentials)
Password & Login Policy Settings > Set API login exceptions:
- This section applies to login via the API channel, both SFAPI and ODATA (and is not related to the UI login).
- When you define a Username & IP address within this section, this user will be able to login via the API from the defined IP address.
- If this functionality is enabled and the Username / IP is not defined within this section, it will not be possible to login via the API with that user.
OData API Basic Authentication Configuration:
- This section relates only to ODATA API and specifically to the authentication method of - Basic Authentication.
- As this is the most basic form of authentication, this tool serves as an additional layer of protection / security for the Basic Authentication method.
- When you define and IP address / range in this section - only the IPs you have defined will be able to use Basic Authentication to Access OData API.
2089414 - System: How to restrict access to SuccessFactors by IP address - IP Restriction Management
2253200 - SuccessFactors: How to add into allow list an IP for API access
2516614 - OData API Basic Authentication Configuration (1708 new feature)
OData, API, Login, IP Address, Restriction, allow list, UI, Basic Authentication , KBA , LOD-SF-INT , Integrations , LOD-SF-PLT , Platform Foundational Capabilities , LOD-SF-INT-ODATA , OData API Framework , LOD-SF-INT-API , API & Adhoc API Framework , How To