Named locations in Azure Active Directory
With named locations, you can label trusted IP address ranges in your organization. Azure Active Directory uses named locations in the context of:
The detection of risk events to reduce the number of reported false positives.
This article explains, how you can configure named locations in your environment.
You can access the named location configuration page in the Security section of the Azure Active Directory page by clicking:
In the Manage section, click Named locations.
In the toolbar on the top, click Add known IP address ranges.
To configure a named location:
Sign in to the Azure portal as global administrator.
In the left pane, click Azure Active Directory.
On the Azure Active Directory page, in the Security section, click Conditional access.
On the Conditional Access page, in the Manage section, click Named locations.
On the Named locations page, click New location.
On the New page, do the following:
a. In the Name box, type a name for your named location.
b. In the IP ranges box, type an IP range. The IP range needs to be in the Classless Inter-Domain Routing (CIDR) format.
c. Click Create.
What you should know
Bulk updates: When you create or update named locations, for bulk updates, you can upload or download a CSV file with the IP ranges. An upload adds the IP ranges in the file to the list instead of overwriting the list.
Limitations: You can define a maximum of 60 named locations, with one IP range assigned to each of them. If you have just one named location configured, you can define up to 500 IP ranges for it.
To learn more about:
Risk events, see Azure Active Directory risk events.
Conditional access, see Conditional access in Azure Active Directory.
Risky sign-ins reports, see Risky sign-ins report in the Azure Active Directory portal.