Announcing Public Preview of IP based cookie binding in Dataverse
IP cookie binding in Dataverse
IP based cookie binding will help our customer’s organization in responding to cookie replay security threat in Dataverse. IP based cookie binding blocks the cookie replay attack. It does it by evaluating the IP address attached to the cookie. If cookie IP address in the request is different than the IP address of the cookie where it was originally created, the Dataverse API will reject the cookie in real-time, and prompt the user with a message.
This feature is being rolled out for Public Preview starting 8/25/2022 and will continue in the month of September and October 2022. Power Platform admins can enable this preview feature in their environments via Power Platform admin center.
- Select the Environments from the left navigation bar and click on the environment where you want to enable this feature.
- Select Settings –> Product –> Privacy + Security
- Turn on the “Enable IP address-based cookie binding (Preview)”
Note: We recommend enabling this feature in your non-production environments during Public Preview
You can read more about this feature here
Start trying out this feature and let us know what you think! and stay tuned for General Availability