Print this page

Changes to Salesforce1 and other native salesforce client apps with IP bypass / IP restrictions

Knowledge Article Number 000182398
Description Previously, admins were required to send out a Bypass IP restrictions email which contained a link with a short-lived token to pass through the initial OAUTH authorization. This has been replaced as part of the new Connected Apps. Each Connected App now provides the ability to determine the IP restriction parameters. 

With Winter '14 release, Connected Apps offers an OAUTH policies section which an admin can determine what is required of a user when attempting to access a Connected App such as Salesforce1 and other oauth-based client applications.

Resolution The default for NEW orgs is to enforce IP restrictions.

The selections are:

-> Enforce IP restrictions
-> Relax IP restrictions
-> Relax IP restrictions with Second Factor 
** This adds the ability to authenticate utilizing the standard Identify Confirmation scheme or utilizing a third party authentication such as Google Authenticator.

Connected Apps overview

About Salesforce Two-Factor Authentication


promote demote