Overview
Your organization may want to control user access by allowing access to your Kayako agent area from a specific IP address or address ranges only.
Prerequisites
- To edit any of the security and user registration settings, you will need an administrator account with the 'Manage system configuration' permission.
- Learn more about how Kayako safeguards your data on our product security page.
Diagnosis
Your Kayako instance is a web-based application so anyone who has an internet connection with valid login credentials (registered agent or admin user) can access the agent area anywhere. However, you can restrict access to the agent area to specific IP addresses.
For agent and administrator accounts, you can restrict login access which means that your team will need to access your Kayako instance via one of the network IP addresses you specify. If they try to sign in from an IP address that's not on the list, they won't be allowed in.
Solution
- Sign in to the admin area.
- Click on Authentication in the sidebar.
- Make sure you're on the 'Agents' tab since the 'Customers' tab doesn't have IP restriction options.
- In the IP restrictions field, enter one or more IP addresses, each on a new line, from which your team should be allowed to access Kayako.
- NOTE: You can enter the full address, a range, or a specific subnet mask.
- Click the Save button when you're done.
Testing
As mentioned above, users who are not connected to the network IP addresses specified in the list will not be able to log in to the agent area.
If you want to test this feature, attempt to sign in to your Kayako instance from a network with an IP that is not specified on the list. If you received the following error message, that means you have successfully set the restriction.