The IP address restriction feature allows you to control who can access the Teamflect Admin Center based on their network location. By allowing only specific IP addresses or IP ranges, you can prevent unauthorized access and ensure that sensitive admin settings are managed only from trusted networks.
This is especially useful for organizations that want to limit admin access to office networks, VPNs, or specific security-approved locations.
β οΈWarning: Always include your current IP address before saving changes to avoid locking yourself out.
Who Can Use This Feature?
Global Admins with access to the Admin Center
Organizations with security or compliance requirements for admin access
How IP Address Restrictions Work
You define a list of allowed IP addresses or IP ranges
Only users connecting from those IPs can access the Admin Center
If no IP address is added, all IP addresses are allowed by default
Restrictions apply only to the Admin Center, not to end-user access
How to Restrict Admin Center Access by IP Address
Step 1: Open Security Settings
Go to the Admin Center
Navigate to Security
Locate the Restrict IP address section at the top of the page
Step 2: Add Allowed IP Addresses
You can add IP addresses in two formats:
Single IP address
Example:192.168.1.10CIDR range
Example:192.168.1.0/24
Enter the IP address or CIDR range
Click Add
Step 3: Review the Access Risk Warning (If Applicable)
When you add your first IP address, Teamflect checks whether it matches your current IP.
If it does not match, an Access Risk warning appears
This warns you that you may lose Admin Center access after saving
You can choose:
Cancel β Go back and adjust the IP list
Save anyway β Continue, knowing access may be revoked
Step 4: Save Your Changes
After adding the allowed IP addresses, save the configuration.
If your current IP is not included, you will lose Admin Center access
Access is revoked on the next request, via security middleware
What Happens If Access Is Blocked?
If a user tries to access the Admin Center from an IP address not on the allowed list:
Access is denied
A security message is shown
The user cannot proceed to the Admin Center
Returning to Login
Clicking Back to login redirects the user to the Admin Center login page
Use Cases
1. Restrict Admin Access to Office Networks: Ensure HR and IT admins can only access sensitive settings when connected to the company network or VPN.
2. Prevent Unauthorized External Access: Reduce the risk of compromised admin accounts being used from unknown locations.
3. Support Compliance and Audit Requirements: Meet internal or external security policies that require restricted access to administrative systems.
Best Practices
Use this feature when:
You have a fixed office IP or VPN IP range
You want tighter control over who can manage admin-level settings
Security or compliance policies require network-based restrictions
Avoid using this feature when:
Admins frequently work from changing or unknown networks
You cannot reliably maintain an up-to-date IP allowlist