IP whitelist

This article might be out of date

Please note we've moved to the new Help Center, hence this article might be outdated. 

Please visit our new Help Center to access the latest articles. 

With v2 of Nordigen Account Information API users have the ability to use IP whitelisting to control access to sensitive banking information.

IP whitelisting is a feature similar to a firewall that allows one to define exclusive ranges of IP addresses that can communicate with the API and receive information. All HTTP(s) requests from servers outside these ranges will receive a status-403 error message as a response.

Setting up IP whitelisting

You can set up IP whitelisting when you generate new access credentials on the User Secrets page:

  • First, enter a comma-separated list of IP's using CIDR notation, for example:  198.51.100.0/24,189.53.100.0/22,2001:db8::/48
  • You can combine IPv4 and IPv6 addresses in your list, as you can see in the example above.
  • Leave the default value 0.0.0.0/0 unchanged not to filter addresses - this effectively disables whitelisting for IPv4 addresses.
  • Add ::/0 to allow all IPv6 addresses.  0.0.0.0/0, ::/0 allows all addresses of both protocols. Any server that can provide valid credentials will be able to query the API.

N.B.! If your list includes 0.0.0.0/0 or ::/0 among other address ranges, this will have the effect of allowing all IP's of the respective protocol.

Did this answer your question? Thanks so much for your feedback! 🙏🏼 There was a problem submitting your feedback. Please try again 🙏🏼

Still need help? Contact Us Contact Us

Related Articles