By registering a list of allowed IPs, you can restrict user access to your account and the workspaces under it, based on the user’s source IP. This helps prevent unauthorized access from unapproved regions or systems.
Nota
This security control should be considered an additional layer in your defense-in-depth strategy. It should not be considered a primary defense.
You know which IPs your users will be accessing Alteryx Analytics Cloud (AAC) from.
You have purchased the Enterprise edition of AAC.
To enable this feature, you must contact your Alteryx representative.
Enabling the feature may take one or two business days. Once enabled, new settings will be made available to your account.
Log into your AAC account.
Go to Settings > Restrict Access by IP Range setting and select Edit.
Select the Restrict Access by IP checkbox.
Within the Whitelist IPs field, enter one or more IPs and/or CIDR ranges.
Select Save.
Nota
You can only update the Whitelisted IP field if your own Source IP is included in the list. This ensures that at least one user from your organization can access Alteryx once it's enabled.
Inputs are validated before the setting is persisted.
Only IPv4 is accepted.
Only RFC4632-compliant ranges are accepted.
0 or more IPs and ranges can be entered, separated by a comma.
A range can be a single IP.
Whitespace is not accepted.
Example valid inputs:
198.51.2.0198.51.2.0/24,198.51.5.0/4
After this feature is enabled and configured, any browser sessions or API calls from an IP address outside the registered IPs or CIDR ranges will be blocked, and authentication will fail. This applies to the entire account, including all associated workspaces.
To disable this feature, you must contact your Alteryx representative.
Disabling the feature may take one or two business days. Once disabled, source IP will no longer be evaluated when authenticating a user’s browser or API access.