To monitor login activity more thoroughly and prevent potential threats, you can now see what value the client passed in the X-Forwarded-For header of their HTTP request to Salesforce. For logins that redirect users to one or more proxies, the X-Forwarded-For field is sometimes used to store the origin IP address of the client. Use the new Forwarded for IP column in the Login History and related fields to track the origin IP address. This change isn’t available for OAuth and single sign-on (SSO) logins.
Where: This change is available in Lightning Experience (not available in all orgs) and Salesforce Classic in all editions.
Why: Salesforce tracks the Source IP of login requests, but for logins that redirect through multiple proxies, the origin IP address isn’t always reflected in the source IP. In this case, the Forwarded for IP value is a better way to tell where the original request came from.
How: From Setup, in the Quick Find box, enter Login History, and then select Login History. Add the Forwarded for IP column to your Login History list view.