[en] IP restrictions allow you to limit access to Provet so that users can only log in from approved IP addresses. You can use this feature to restrict access to the clinic network so that employees can only log in while they are physically at the clinic.
[en] IP restrictions can also be configured so that selected users, permission groups, or integrations are allowed to access Provet from outside the clinic network when required.
[en] Before You Begin
[en] Before enabling IP address restrictions, review the following requirements and guidelines to avoid unintentionally blocking access.
-
[en] If you restrict access to the clinic network, using a static public IP address is strongly recommended
-
[en] Ensure that at least one administrator user can log in from outside the allowed networks. This ensures someone can always log in to adjust settings if the clinic's IP address changes or issues occur.
-
[en] Test the restrictions with a small group of users before applying the restrictions to all users.
[en] Configure IP Restrictions
[en] You can configure IP restrictions in Provet General settings.
-
[en] Enable for all user groups and tokens: All users will be subject to the IP restrictions configured. Enter the IP address of allowed addresses in the Allowed networks field.
-
[en] Enabled for selected user groups and tokens: To restrict access for specific users in Permission groups, API tokens and OAuth 2.0 applications.
-
[en] Go to Settings > Users > IP restriction.
-
[en] Select the pen button to make changes to the settings.
-
[en] Select Enabled for all user groups and tokens or Enabled for selected user groups and tokens.
-
[en] Enter the approved IP addresses in the Allowed networks field. You can add multiple addresses, or a range.
-
[en] Select Save.
[en] Integrations and IP Restrictions
[en] IP restrictions apply to login attempts and API access. Requests from IP addresses that are not on the allowlist are blocked.
[en] Provet Integrations
[en] All integrations and internal services developed by Provet are automatically allowed. You do not need to add IP addresses for:
-
[en] built-in integrations
-
[en] Provet backend services
-
[en] laboratory gateways and other internal services
[en] Third-Party Integrations
[en] Third-party integrations that are not deployed by Provet may be affected by IP restrictions. If a third-party service connects from its own servers, you must obtain the static IP address of that service and add it to the allowlist manually. This includes custom integrations, external reporting tools, and non-Provet middleware services.
[en] OAuth 2.0 Integrations
[en] OAuth 2.0 connections do not bypass IP restrictions. If a third-party OAuth 2.0 integration communicates from fixed IP addresses, you must add those IPs to the allowlist. If the integration uses dynamic or unknown IP addresses, it may not work reliably when IP restrictions are enabled.
[en] See also
Atualizado
Comentários
0 comentários
Artigo fechado para comentários.