Create an IP Allowlist
Protect your projects against unauthorized use by restricting access to a set of trusted IP addresses using an IP Allowlist.
Define one easy-to-maintain allowlist per company account. Each allowlist can contain an unlimited number of network ranges and/or IP addresses that can access your company’s project dashboards and API communication endpoints.
Only the company account owner can manage the IP allowlist.
Before creating your IP Allowlist, plan your approach and gather user data. Doing this preliminary work will significantly reduce support calls related to project access after you build your allowlist.
These rules and guidelines make it easier to create and maintain your company’s IP Allowlist.
- Inventory all individuals that must have access to your company’s projects, then identify and list their IP addresses. Your list may include company employees, outside contractors, and agency employees.
- Any user who has access to your company’s projects should be allowlisted.
- Messaging projects: Go to Settings » Project Configuration and click Manage for Team Access, and note the usernames in the Team Member list. Repeat for each of your projects.
- Mobile wallet projects: Click in the right side of the Airship dashboard header, then click Team Management and note the usernames in the Accepted Invitations list.
- Add your own IP address to the allowlist first. To make that easy, your IP address is listed at the top of the IP Allowlist screen.
- If anyone, including you, needs to have access to a project when working remotely (from home, hotel, convention center, coffee shop, etc.), his or her remote IP address must be included on the allowlist in addition to the work IP address. Bear in mind that some internet service providers periodically rotate their customers’ IP addresses. If this is a common occurrence, consider recommending that individuals working remotely tunnel in to your company’s network via a corporate virtual private network (VPN) that routes all their traffic through the corporate network.
Create your list
When you save the first IP address or range on the allowlist, you will block all individuals not originating from that saved IP address or range; they will not be able to access any of your company’s projects. Consider creating the initial allowlist off-hours to avoid inadvertently blocking a colleague’s access to a project.
- If you need to access your company’s Airship account from more than one location / IP address, add each of those IP addresses in this initial session.
- If your current IP address is not in the IP range you’re attempting to add or isn’t in the saved IP ranges, you will get a validation error; the system will prevent you from locking yourself out in the same session you’re setting up.
- Duplicate address entries and overlapping address blocks will not cause error messages.
- Click in the right side of the dashboard header and select IP Allowlist.
- Click Add IP and enter your current IP address, which is displayed at the top of the screen.
- Click Add IP and enter an individual IP address or a block of IP addresses using CIDR notation.
- Click Save allowlist.