For enterprise networks or networks with restricted traffic, it's common for system administrators to configure a whitelist of outgoing traffic. Historically, Corppass has advised partners against whitelisting IP addresses and instead recommends whitelisting by domain.
Here's why:
Corppass currently operates on AWS, and CloudFront maintains a large number of IP addresses in its CDN to ensure high availability of our services. This list changes from time to time.
Therefore, if you whitelist Corppass endpoints by IP address, there's no guarantee these IP addresses won't change. When they do, your e-service will no longer be able to access Corppass.
Thus, it is always advisable to whitelist by domain.
If you still need to use some form of IP address whitelisting, you can refer to the following AWS CloudFront documentation:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/LocationsOfEdgeServers.html
List of IP Addresses:
https://d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips
Comments
0 comments
Please sign in to leave a comment.