SeanB.78525 (Customer) asked a question.
Exclude IP Zone from Client-based Rate Limiting?
We would like to enable client-based rate limiting as a safeguard, but our gateway IP is being rate limited due to older clients that use a non-browser login, which send a null device ID (no cookies). All of those users are considered a single client by Okta for the purpose of client-based rate limiting (IPAddress=GatewayIP, ClientID=client123, DeviceID=null). Is it possible enable client-based rate limiting, but also exclude certain IPs? We do stay under the request per minute limit, but it's the client-based concurrency limit that prevents us from enabling this feature.
Hello @SeanB.78525 (Customer)
Please check the following link with information related to your question: https://developer.okta.com/docs/reference/rl-clientbased/
Regards,
Natalia
Okta Inc.