
영진채.15505 (Customer) asked a question.
Hello,
I am exploring options to enhance the security of our Okta API keys to prevent unauthorized administrative actions if these keys are exposed.
Specifically, I'm interested in whether it's possible to restrict the use of these API keys to certain internal IP addresses.
This measure is intended to limit the risk of external entities using compromised keys.
If such IP-based restrictions or similar security measures are available, I would appreciate detailed information on how to implement them.
Thank you for your assistance.

I suggest moving the API token to an API service by using a custom OAuth server. An API token has the same permissions as the user who created it and no other control, but we can grant OAuth 2.0 scopes to the API service that you want and add policies and rules such as an IP limit for the custom authorization server.
https://developer.okta.com/docs/guides/implement-oauth-for-okta-serviceapp/main/
https://developer.okta.com/docs/concepts/auth-servers/#which-authorization-server-should-you-use
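The service-app flow the answer points to, as an added example (this is not code from the post or from Okta): it builds the private_key_jwt client assertion and the client_credentials request body that a service app sends to the Okta token endpoint, and refuses to request any scope the app was not granted. The Okta domain, client id and the `sign` callable are placeholders, not values from the thread.

```python
import base64
import json
import time
import uuid
from typing import Callable, Iterable

# Constructed placeholders: not a real org, client id or key.
OKTA_TOKEN_URL = "https://example.okta.com/oauth2/v1/token"
CLIENT_ID = "0oaEXAMPLECLIENTID"
ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"


def b64url(data: bytes) -> str:
    """JWT-style base64url without '=' padding."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def build_client_assertion(client_id: str, token_url: str,
                           sign: Callable[[bytes], bytes],
                           now: int = 0, ttl: int = 300) -> str:
    """Build the private_key_jwt assertion for the client_credentials grant.

    iss/sub are the client_id, aud is the token endpoint, exp is short-lived
    and jti is unique so the assertion cannot be replayed. `sign` is a
    hypothetical RS256 signer over the header.payload signing input (in
    practice: the app's private key via a library such as `cryptography`).
    """
    now = now or int(time.time())
    header = {"alg": "RS256", "typ": "JWT"}
    claims = {"iss": client_id, "sub": client_id, "aud": token_url,
              "iat": now, "exp": now + ttl, "jti": str(uuid.uuid4())}
    compact = json.dumps  # compact JSON keeps the token small
    signing_input = (b64url(compact(header, separators=(",", ":")).encode())
                     + "." + b64url(compact(claims, separators=(",", ":")).encode()))
    return signing_input + "." + b64url(sign(signing_input.encode()))


def decode_claims(assertion: str) -> dict:
    """Read back the (unverified) payload of a compact JWT for inspection."""
    payload = assertion.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))


def token_request_body(assertion: str, requested: Iterable[str],
                       granted: Iterable[str]) -> dict:
    """Form fields for POST /oauth2/v1/token; only scopes granted to the app."""
    requested, granted = set(requested), set(granted)
    extra = requested - granted
    if extra:  # least privilege: never ask for more than the app was granted
        raise PermissionError(f"scopes not granted to this app: {sorted(extra)}")
    return {"grant_type": "client_credentials", "scope": " ".join(sorted(requested)),
            "client_assertion_type": ASSERTION_TYPE, "client_assertion": assertion}
```

The resulting token carries only the granted `okta.*` scopes, and the authorization server's access policy (including any IP-based rule) is evaluated at this token request rather than on every API call as with a static token.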