Rediger

Del via

Restrict caller IPs

APPLIES TO: All API Management tiers

The ip-filter policy filters (allows/denies) calls from specific IP addresses and/or address ranges.

Note

Set the policy's elements and child elements in the order provided in the policy statement. To help you configure this policy, the portal provides a guided, form-based editor. Learn more about how to set or edit API Management policies.

Policy statement

<ip-filter action="allow | forbid">
    <address>address</address>
    <address-range from="address" to="address" />
</ip-filter>

Attributes

Attribute Description Required Default
action Specifies whether calls should be allowed (allow) or not (forbid) for the specified IP addresses and ranges. Policy expressions are allowed. Yes N/A

Elements

Element Description Required
address Add one or more of these elements to specify a single IP address on which to filter. Policy expressions are allowed. At least one address or address-range element is required.
address-range Add one or more of these elements to specify a range of IP addresses from "address" to "address" on which to filter. At least one address or address-range element is required.

Usage

Usage notes

  • If you configure this policy at more than one scope, IP filtering is applied in the order of policy evaluation in your policy definition.

  • If action is set to allow, requests that don't match any address or address-range are denied. If action is set to forbid, requests that don't match any address or address-range are allowed.

Example

In the following example, the policy only allows requests coming either from the single IP address or range of IP addresses specified.

<ip-filter action="allow">
    <address>13.66.201.169</address>
    <address-range from="13.66.140.128" to="13.66.140.143" />
</ip-filter>

Related content

For more information about working with policies, see:

  • Last updated on