Documentation

 

 

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Updated August 27September 23, 2020

Understanding how SecureAuth cloud IP addresses are used

...

Geo load balanced URLIP addressSecureAuth cloud services configuration
us-cloud.secureauth.com 
208.82.207.89
146.88.110.112
162.216.42.110


Definition List
Certificate URLX.509 Certificate Services (SHA 1 and SHA 2) to issue user certificates.


The following URL configurations apply to versions of the SecureAuth IdP versions 9.3 and earlier. 
Definition List
Telephony URL

Telephony Service (text-to-speech) to deliver one-time passcodes by voice call to user's phone number.

SMS URLSMS Service to deliver one-time passcodes by SMS / text message to user's mobile phone number.
Push URL

Push Service to deliver one-time one-time passcodes in any of the following ways:

  • Push Notification to user's mobile device
  • Deliver mobile login requests (Accept / Deny) via SecureAuth Authenticate App to user's mobile device 
Link-to-Accept URLLink-to-Accept to deliver SMS text messages to user's mobile device. The link in emails and SMS text messages points to SecureAuth cloud.
Phone Fraud Service URLPhone Number Fraud Prevention Service to retrieve user's phone number profile to use in phone number blocking.
Geo-Location URLGeo-location Service to retrieve IP address geo-location (known as Dynamic Perimeter) information to use in Adaptive Authentication analysis.
SecureAuth Threat ServiceSecureAuth Threat Service to retrieve IP address reputation / threat score to use in Adaptive Authentication analysis.
nge-cloud.secureauth.com
146.88.110.98
162.216.42.101
Definition List
Certificate URLX.509 Certificate Services for SHA 2 RSA (384) Certificates

us-services.secureauth.com

us-audit.secureauth.com

US-EAST-1                         US-WEST-2                         
18.208.0.0/13
52.95.245.0/24
54.196.0.0/15
216.182.224.0/21
216.182.232.0/22
107.20.0.0/14
99.77.128.0/24
67.202.0.0/18
184.73.0.0/16
3.80.0.0/12
54.80.0.0/13
3.224.0.0/12
54.221.0.0/16
54.156.0.0/14
54.236.0.0/15
54.226.0.0/15
162.250.237.0/24
52.90.0.0/15
100.24.0.0/13
54.210.0.0/15
54.198.0.0/16
52.20.0.0/14
52.94.201.0/26
52.200.0.0/13
54.160.0.0/13
162.250.238.0/23
35.153.0.0/16
52.70.0.0/15
52.94.248.0/28
99.77.254.0/24
52.54.0.0/15
54.152.0.0/16
54.92.128.0/17
52.0.0.0/15
184.72.128.0/17
23.20.0.0/14
18.204.0.0/14
54.88.0.0/14
162.250.236.0/24
99.77.129.0/24
54.204.0.0/15
52.86.0.0/15
52.44.0.0/15
18.232.0.0/14
54.174.0.0/15
50.16.0.0/15
35.168.0.0/13
99.77.191.0/24
3.208.0.0/12
174.129.0.0/16
72.44.32.0/19
34.224.0.0/12
54.224.0.0/15
75.101.128.0/17
34.192.0.0/12
54.208.0.0/15
54.242.0.0/15
216.182.238.0/23
54.234.0.0/15
54.144.0.0/14
52.2.0.0/15
184.72.64.0/18
204.236.192.0/18
15.193.6.0/24
52.4.0.0/14
208.86.88.0/23
44.192.0.0/11
52.72.0.0/15
52.95.255.80/28
50.19.0.0/16
54.172.0.0/15
52.95.255.112/28
99.77.253.0/24
52.94.249.64/28
52.94.116.0/22
52.40.0.0/14
54.214.0.0/16
15.193.7.0/24
54.244.0.0/16
52.94.248.96/28
52.32.0.0/14
52.10.0.0/15
54.200.0.0/15
35.160.0.0/13
35.155.0.0/16
18.236.0.0/15
70.224.192.0/18
52.46.180.0/22
54.68.0.0/14
52.95.230.0/24
54.184.0.0/13
52.12.0.0/15
52.88.0.0/15
100.20.0.0/14
18.246.0.0/16
34.208.0.0/12
54.212.0.0/15
54.148.0.0/15
99.77.130.0/24
52.36.0.0/14
54.202.0.0/15
52.75.0.0/16
52.24.0.0/14
54.218.0.0/16
52.95.247.0/24
54.245.0.0/16
44.224.0.0/11
50.112.0.0/16

Alternatively, you can view the IP addresses listed in the Amazon EC2 service table. Take note that it lists all AWS IP addresses, and you only want to allow the IPs within "EC2", "us-east-1", and "us-west-2" categories: https://ip-ranges.amazonaws.com/ip-ranges.json

The following URL configurations apply to all versions of the Identity Platform version 19.07 and later.

Definition List
Telephony URL

Telephony Service  (text-to-speech) to deliver one-time passcodes by voice call to user's phone number.

SMS URLSMS Service to deliver one-time passcodes by SMS / text message to user's mobile phone number.
Push URL

Push Service to deliver one-time one-time passcodes in any of the following ways:

  • Push Notification to user's mobile device
  • Deliver mobile login requests (Accept / Deny) via SecureAuth Authenticate App to user's mobile device 
Link-to-Accept URLLink-to-Accept to deliver SMS text messages to user's mobile device. The link in emails and SMS text messages points to SecureAuth cloud.
Phone Fraud Service URLPhone Number Fraud Prevention Service to retrieve user's phone number profile to use in phone number blocking.
Geo-Location URLGeo-location Service to retrieve IP address geo-location (known as Dynamic Perimeter) information to use in Adaptive Authentication analysis.
SecureAuth Threat ServiceSecureAuth Threat Service to retrieve IP address reputation / threat score to use in Adaptive Authentication analysis.
us.audit.secureauth.comUsed by SecureAuth servers to receive customer logs for dashboard and user risk services.



us-trx.secureauth.com 
208.74.31.114
146.88.110.114
162.216.42.111
Definition List
Trx Log Service URLTransaction log service to deliver transaction operation communications to the SecureAuth cloud environment.
Trx Log Mode Code

Transaction log mode code automatically assigned to the appliance during the build process to indicate whether the logging mode is transaction  or user based.

Trx Log Disable Code

Transaction Log disable code provided by SecureAuth Support to temporarily disable transaction web service calls. 

sparkles-content.prod.secureauth.com
iFrame
srchttps://d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips
width500
height380


Alternatively, to view the page of listed IP addresses, see http://d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips

New Experience Web Admin user interface assets and storage configuration.

 
Other URLIP addressUse in Identity Platform
fonts.gstatic.comN/ANew Experience Web Admin user interface assets.
fonts.googleapis.comN/ANew Experience Web Admin user interface assets.
https://restcountries.euN/ANew Experience Web Admin user interface assets. 
https://raw.githubusercontent.com N/ANew Experience Web Admin user interface assets. 


Image Modified


UI Text Box
sizemedium
typenote

Important information about MSG level encryption

The msg level encryption endpoints are deprecated (no longer appending /msg after .svc in the URL). Going forward, use https in the URL configuration. 

...