User16122164798208692640 (Customer) asked a question.
User is continuously flagged for impersonation
Hello all, all of a sudden, one of our users keeps getting impersonation alerts on her home ip* and the ThreatInsight functionality is being triggered.
I followed whitelisting steps by creating a zone for the person's specific iP* called and then adding that zone to the Exempt list in Threat Insight. The user was able to sign in once between 7:45pm-8:00pm and then was blocked again after 8pm and continues to be even though that iP* is whitelisted. Where else am I supposed to white list it?
Mihai here with Okta support.
Step 1 , Go to Admin portal - > Security - > Networks - > Add zone -> Ip zone -> Zone Name ( Call it '' Whitelist '' ) Add the IP address that you need to whitelist in the Gateway IPs tab - > Save
Step 2. Go to Security - > General - > ( Scroll down to ) Okta ThreatInsight Settings - > Click Edit -> Check this option - Log authentication attempts from malicious IPs -> Exempt Zones - Add '' Whitelist '' zone.
If this is not working I suggest you to open a case and we will be happy to assist you.
Thank you!