IdP to allow only users within given IP range to access a SP

Ian Rifkin irifkin at
Wed Aug 21 17:56:06 EDT 2013

Hi Stefano,

we need to limit access to a given SP to users within a given IP range.
> We can only work on the IdP side.

I'm not an expert, so maybe someone else can chime in, but I think it would
depend on your configuration. You can put IP restrictions in webserver and
firewall software, but you can't do that if you use the IdP for other SPs
that don't have this IP restriction. If you have a custom auth piece it
looks like you can read about Or perhaps
attempt something more fancy/custom.

Taking a step back, how do you currently do authentication? And what does
the SP expect to receive back from you (do they do any authorization or
does the SP just assume if they get a reply they are good?).

-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list