Skip to main content

IP Allowlist

The IP Allowlist lets you restrict access to your app environment by IP address. When one or more active entries exist, only connections from those listed IP addresses are allowed. All other traffic is blocked at the ingress level.

How to Configure

  1. Navigate to your app environment and go to the Network tab
  2. Click New IP address
  3. Enter an IP address, CIDR range, or wildcard
  4. Optionally add a description and set an auto-expiration
  5. Click Add

Supported Formats

  • Single IP: 203.0.113.50
  • CIDR range: 192.168.1.0/24 (allows all IPs in that subnet)
  • Wildcard: * (allows any IP -- useful for temporarily disabling the allowlist without removing entries)

Convenience Buttons

  • Current IP -- auto-detects your current public IP address and fills it in
  • Any IP -- sets the value to *

Auto-Expiration

Each entry can be configured to auto-expire after a set duration. Expired entries are automatically removed by a background job that runs every hour. When entries expire, a deploy is triggered automatically to apply the updated allowlist.

OptionDuration
NeverEntry persists until manually removed
After 6 hoursAuto-removed after 6 hours
After 12 hoursAuto-removed after 12 hours
After 1 dayAuto-removed after 24 hours
After 1 weekAuto-removed after 7 days
After 1 monthAuto-removed after 30 days

Tip: Use auto-expiration for temporary access, such as granting a contractor access for a week or opening access during a maintenance window.

Active and Inactive Entries

Each entry has an active/inactive toggle. You can deactivate an entry without deleting it. Inactive entries are preserved in your list but are ignored during deployment -- they do not allow or block any traffic.

This is useful when you need to temporarily remove an IP restriction but want to re-enable it later without re-entering the details.

Deployment Behavior

IP Allowlist changes are deployed immediately. Unlike most configuration changes, they do not go through the pending changes workflow. This is because access restrictions are security-critical and should take effect as quickly as possible.

Use Cases

  • Protect staging environments -- restrict access to your team's office IP range
  • Maintenance windows -- temporarily limit access to operations staff during maintenance
  • Admin panel protection -- restrict access to internal tools by IP
  • Temporary contractor access -- grant time-limited access using auto-expiration
  • Compliance requirements -- restrict access to specific geographic or network ranges

Best Practices

  1. Use auto-expiration for temporary access -- avoid stale entries by setting an appropriate expiration when granting temporary access
  2. Use CIDR ranges for office networks -- instead of adding individual IPs, use a CIDR range to cover your office or VPN subnet
  3. Document entries with descriptions -- add meaningful descriptions so you can identify the purpose of each entry later
  4. Test before restricting -- make sure your own IP is included before enabling restrictions, to avoid locking yourself out
  5. Use inactive toggle for maintenance -- deactivate entries temporarily instead of deleting them if you plan to re-enable them

API and MCP Access

You can manage the IP Allowlist programmatically:

  • Public API -- use the allowlist endpoint to add, update, and remove entries
  • MCP tools -- use the update-app-env-allowlist tool