Geolocation Allow or Deny Country Action
The Geolocation Allow or Deny Country Action can be configured to only allow login if the user is in a certain country or not in some country. The admin is able to configure the countries where login should succeed or configure a list of countries where login should fail.
The admin can configure the action so users with IP addresses from specific countries are able to login, causing users from other countries to fail. For example, if configured to allow Sweden and Norway, a user trying to login from Italy will fail. Conversely, if configured to deny Finland and Estonia, a user from Sweden will succeed.
Configuration#
The configuration of the Geolocation Allow or Deny Country action accepts the following parameters:
| Configuration | Mandatory | Description |
|---|---|---|
| allow-listed-countries | No | Enable to allow the countries in the list, disable to deny them. Default value: true. |
| country-list-to-allow-or-deny | Yes | The list of countries to allow or deny in ISO-3661 code. |
Back-channel support#
This action can be used in back-channel authentication.