Configuring IP Address Restrictions

This article is for those who started the free trial on or after September 8, 2019. If you started the free trial before September 8, 2019, see Configuring IP Address Restrictions and Basic Authentication. For details on the start date, see How to Check the Trial Start Date.

IP address restrictions let you grant access within specific IP address ranges. Once you configure IP  address restrictions, access to Kintone is denied if a computer is not in the IP address range that you specified.

Depending on how you access Kintone, we recommend the following two settings.

Access Kintone with fixed IP addresses (mobile phones are not used)

  • IP address restrictions: Select Allow specific IP addresses and enter all the global IP addresses assigned to your company.

Access Kintone with dynamic (not fixed) IP addresses including mobile phones

  • IP address restrictions: Select Allow all. We recommend each user enables two-factor authentication to enhance security. For further details, see Configuring Two-Factor Authentication.

To configure IP address restrictions in the Access Control page

  1. Navigate to the Access Control page by clicking the gear wheel gear_wheel.PNG, selecting Users & System Administration, and clicking Access Control under Security
  2. Select the desired option. When you select Allow specific IP addresses, enter all the office network IP addresses. You can add or edit IP addresses later. It may take some time for the IP address restrictions to be reflected to Kintone.
    • To specify a range of IP addresses, for example from to, use the CIDR notation.
    • When the number of IP addresses to be specified is small, leave the CIDR field blank and enter one IP address per field.

Failed to configure IP address restrictions and cannot access to Kintone?

An email is sent to the email address of the administrator's account each time the IP address restrictions are changed.  You can reset the IP address restrictions from the reset URL written in the email. The reset URL is valid for one hour, so if you want to reset after an hour from the configuration, contact us.

To further enhance security, we recommend you configure a password policy. For details on how to configure a password policy, see Configuring Password Policy and Account Lockout Settings.

Was this article helpful?
3 out of 3 found this helpful



Please sign in to leave a comment.