Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.getimmutable.dev/llms.txt

Use this file to discover all available pages before exploring further.

Overview

IP allowlisting lets you restrict API access to a set of trusted IP addresses or CIDR ranges. When enabled, requests from unlisted IPs are rejected with 403 Forbidden.

How It Works

  1. Add IP addresses or CIDR ranges to your workspace allowlist from Settings > Security in the dashboard.
  2. Once the allowlist is non-empty, only requests from listed IPs are permitted.
  3. Requests from unlisted IPs receive a 403 response.
{
  "error": "forbidden",
  "message": "Your IP address is not in the workspace allowlist."
}
Be careful when enabling IP allowlisting. If you add an incorrect range and lock yourself out, you will need to contact support to reset the allowlist. Always include your current IP address before enabling.

CIDR Notation

IP allowlisting supports both individual addresses and CIDR ranges:
EntryMatches
203.0.113.42Single IP address
203.0.113.0/24256 addresses (203.0.113.0 through 203.0.113.255)
10.0.0.0/8All 10.x.x.x addresses
2001:db8::/32IPv6 range

Scope

The allowlist applies to all API keys in the workspace. There is no per-key allowlisting — if you need different access restrictions, use separate workspaces.
Leave the allowlist empty to permit requests from any IP address. IP allowlisting is optional.

Plan Quotas

PlanIP Allowlist Entries
Free2
Starter10
Pro50
EnterpriseUnlimited