IP address restrictions

hc: ip address restrictions
In this Article

Enterprise organization owners can restrict login to specific IP addresses ๐Ÿ”’

You can restrict access to your organizationโ€™s workspaces by configuring a list of allowed IP addresses that managed users can log in from.

This can be useful if you want to restrict account access to users connecting from specific locations (such as your office) or through a specific VPN.

Who can use this feature?

To set up allowed IP addresses, you must be an Enterprise organization owner.

Set up allowed IP addresses for your organization

To create a list of allowed IP address for your organization:

  1. Open your workspace switcher in Notion and select Manage organization. This will take you to your organization level controls.

  2. Open the Security tab.

  3. Click Allowed IP addresses.

  4. Provide a name for your address (like โ€œSF Officeโ€ or โ€œNY Officeโ€) and then enter the corresponding IP address. To set a range of IP addresses, you can use CIDR notation (e.g., 127.0.0.1/24).

    To ensure that no one gets locked out of their account before all IP restrictions are set, we recommend that you add the relevant IP addresses first, then activate the allowed list afterwards.

  5. After you've added a list of IP addresses that you want to approve for the account, select the checkbox above the list โ†’ Activate.

    • Ensure your own IP address is included in the allowed list. Otherwise, you'll receive an error message and your list of allowed IP addresses wonโ€™t be activated.

  6. Once your IP address allowed list is activated, youโ€™re all set! Any user who tries to access the account will only be able to do so if they have the IP address on the allowed list.

hc: restricted ip address login error

How IP address restrictions impact managed users

Any managed user attempting to log in with an IP address that doesnโ€™t match an address on the allowed list will see an error message, and they wonโ€™t be able to proceed.

hc: restricted ip address error message

Audit log events

When youโ€™re managing IP addresses for your organization, youโ€™ll have access to the following audit log events:

  • Created IP allowlist: That a user created an IP allowlist rule.

  • Deleted IP allowlist: That a user deleted an IP allowlist rule.

  • Updated IP allowlist: That a user updated an IP allowlist rule.

  • Enabled IP allowlist: That a user either enabled the IP allowlist rules.

  • Disable IP allowlist: That a user either disabled the IP allowlist rules.

Give Feedback

Was this resource helpful?