Question:
How are IP whitelist restrictions enforced on a tenant's APIs? I’m still able to obtain a token using the authentication API (https://auth.reltio.com/oauth) from any IP address, even after enabling IP whitelisting.
Answer:
This behavior aligns with global standards. Authentication requests are routed through Reltio’s centralized authentication servers, which are publicly accessible and not tenant-specific. As such, IP whitelisting does not apply to these authentication endpoints. It is expected that you can retrieve an access token from any IP address, since the auth service is designed to be available globally without IP restrictions.
Please refer to the below diagram:-
However, when you use the generated token to make an API request to a tenant with IP whitelisting enabled, the source IP address of that request must be included in the tenant’s whitelist. If it is not, the request will result in a 403 Forbidden error. Only requests originating from whitelisted IP addresses will be processed successfully.
To add an IP address to the whitelist, you can contact Reltio Support.
Comments
Article is closed for comments.