IP token validation protects the Core API (Swagger) from unauthorized users and can be used in conjunction with IP authorization to manage organizational access. The token validation process accomplishes this by periodically validating the IP associated with the token. If there is any change to the IP during the session, the user will be logged out and asked to log in again.
IP token validation can be used with one of the following options:
off: No IP token validation is performed for any authentication requests. This is the default setting for IP token validation.
on: IP token validation is performed for all SSO and basic API access requests.