We would like to restrict the OIDC app from being accessed from a certain IP range.
I know we can restrict users with IP network zone restriction but we want to restrict communication between Okta and the OIDC app itself so the request should be coming from only certain IPs from that app.
is there a way to do this?
Have you looked at creating an Authentication Policy, assigning it to the target OIDC app, and configuring a Rule that will Deny users access if they are accessing the application from an IP outside of the defined zone?
More details on the options you can use in an Authentication Rule found here: Add an authentication policy rule | Okta