# Device Restrictions

The ***Admin - Device Restrictions*** page in BlueFletch Portal provides control over blocking and unblocking devices within your organization. Click here to access the page in your organization's Portal.

Blocking unauthorized devices strengthens the security of the BFE cloud backend by restricting access. This functionality strengthens endpoint security for device applications like Launcher, Chat, Device Finder, and Playbook by ensuring only authorized devices can communicate with the BFE cloud backend.

## How It Works

The Device Restrictions feature offers a multi-faceted approach to bolstering BFE's security posture. By restricting unauthorized devices from interacting with the BFE cloud backend, it mitigates potential security breaches and grants administrators granular control over device access.

1. Administrators with the Key Management role can identify specific devices within the organization and designate them as "blocked".
2. Blocked devices are denied access to the BFE cloud backend.
3. Any API requests originating from a blocked device are automatically rejected.

{% hint style="info" %}
Note: Blocking and unblocking devices requires the Key Management role. Users with only the Admin role will not have access to the menu option for these actions.
{% endhint %}

## Activating Device Restrictions

### Step 1: Accessing Device Restrictions Settings

1. Log in to the BFE Portal. 
2. Navigate to the Admin section. 
3. Click on the Security tab. 

### Step 2: Blocking a Device

1. Under the Security settings, choose Device Restrictions. A list of all devices within your organization will be displayed.

<figure><img src="/files/TkBJIhzhmEojjmAzE93B" alt="" width="563"><figcaption></figcaption></figure>

2. Click the menu on the device you want to restrict access for.

<figure><img src="/files/j8ut3w3lf91kDI3BMyHU" alt=""><figcaption></figcaption></figure>

3. Once the device details are displayed, click the BLOCK button. By clicking BLOCK, the selected device will be prevented from making any API Key requests to the BFE cloud backend.

<figure><img src="/files/SgreeieRuYyjDGJ2SdNK" alt=""><figcaption></figcaption></figure>

### Step 3: Unblocking a Device

1. Select the Device Restrictions option within Security settings.

<figure><img src="/files/bPFxTgS80z5UhS3a5E4W" alt=""><figcaption></figcaption></figure>

2. In the list of devices, find the one you want to unblock and select it.&#x20;

<figure><img src="/files/c98k6hGVbn5puer5PkjX" alt=""><figcaption></figcaption></figure>

3. By clicking UNBLOCK, this will restore its access to the BFE cloud backend.

<figure><img src="/files/zzQnpsUHD7EiAmLLOUw0" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.bluefletch.com/bluefletch-enterprise/product-guides/portal/admin/key-management/device-restrictions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.