After enabling "Lock sessions to the IP address from which they originated" still able to login to workbench in same session and callouts are also working.
Didn't understand the working of it.How does it affect callouts,exposed REST services from salesforce and workbench sessions?
Best Answer
According to the definition
Determines whether user sessions are locked to the IP address from which the user logged in, helping to prevent unauthorized persons from hijacking a valid session.
Since you are already using same machine to access Salesforce and workbench and other things thats why it is taking the same session.
You cannot use this session Id from different machine to login.
By the way, if you want to revoke those sessions then go to user record and revoke under
OAuth Connected Apps.