Changes to Salesforce1 and other native salesforce client apps with IP bypass / IP restrictions
|Knowledge Article Number||000182398|
|Description||Previously, admins were required to send out a Bypass IP restrictions email which contained a link with a short-lived token to pass through the initial OAUTH authorization. This has been replaced as part of the new Connected Apps. Each Connected App now provides the ability to determine the IP restriction parameters.
With Winter '14 release, Connected Apps offers an OAUTH policies section which an admin can determine what is required of a user when attempting to access a Connected App such as Salesforce1 and other oauth-based client applications.
|Resolution||The default for NEW orgs is to enforce IP restrictions.
The selections are:
-> Enforce IP restrictions
-> Relax IP restrictions
-> Relax IP restrictions with Second Factor
** This adds the ability to authenticate utilizing the standard Identify Confirmation scheme or utilizing a third party authentication such as Google Authenticator.
Connected Apps overview
About Salesforce Two-Factor Authentication