<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Blocking Specific TCP or UDP Ports in Okta
Oct 23, 2025
Okta Classic Engine
Okta Identity Engine
Network Zone
Overview

This article clarifies whether it is possible to block specific Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) ports on an Okta tenant (the Okta cloud service).

Applies To
  • Network Zone
  • IP Blocking
  • Port Blocking
Solution

It is not possible to directly block specific TCP or UDP ports on an Okta tenant.

As a Software-as-a-Service (SaaS) platform, Okta's security controls operate at the application and access policy layers, not at the network firewall layer. The underlying host and network infrastructure are managed by Okta.

 

Okta's internal infrastructure firewall protects the service, exposing only necessary ports, such as 443, to the public internet.

Inbound traffic can be controlled using Network Zones, which filter access based on source Internet Protocol (IP) address, geographic location, and IP type, rather than by destination port.

Recommended content

Still looking for help?
Loading
Blocking Specific TCP or UDP Ports in Okta