Named locations in Azure Active Directory

With named locations, you can label trusted IP address ranges in your organization. Azure Active Directory uses named locations in the context of:

This article explains, how you can configure named locations in your environment.

Entry points

You can access the named location configuration page in the Security section of the Azure Active Directory page by clicking:

Entry points

  • Conditional access:

    • In the Manage section, click Named locations.

      The Named locations command

  • Risky sign-ins:

    • In the toolbar on the top, click Add known IP address ranges.

      The Named locations command

Configuration example

To configure a named location:

  1. Sign in to the Azure portal as global administrator.

  2. In the left pane, click Azure Active Directory.

    The Azure Active Directory link in the left pane

  3. On the Azure Active Directory page, in the Security section, click Conditional access.

    The Conditional access command

  4. On the Conditional Access page, in the Manage section, click Named locations.

    The Named locations command

  5. On the Named locations page, click New location.

    The New location command

  6. On the New page, do the following:

    The New blade

    a. In the Name box, type a name for your named location.

    b. In the IP ranges box, type an IP range. The IP range needs to be in the Classless Inter-Domain Routing (CIDR) format.

    c. Click Create.

What you should know

Bulk updates: When you create or update named locations, for bulk updates, you can upload or download a CSV file with the IP ranges. An upload adds the IP ranges in the file to the list instead of overwriting the list.

The Upload and Download links

Limitations: You can define a maximum of 60 named locations, with one IP range assigned to each of them. If you have just one named location configured, you can define up to 500 IP ranges for it.

Next steps

To learn more about: