Network Allowlist

If your test target or the APIs your hooks call sit behind a firewall, allowlist Autosana’s source IPs. The current list is at GET /api/v1/network/allowlist.

curl -fsSL https://backend.autosana.ai/api/v1/network/allowlist \
  -H "X-API-Key: YOUR_API_KEY"

Grab YOUR_API_KEY from Settings → Integrations.

{
  "hook_runners": ["<ip>"],
  "flow_runners": {
    "ios":     ["<ip>", "..."],
    "android": ["<ip>", "..."],
    "web":     ["<ip>", "..."]
  },
  "documentation_url": "https://docs.autosana.ai/network-allowlist"
}

hook_runners — source IPs for HTTP traffic from hook scripts. Stable; rarely changes. Allowlist on firewalls protecting APIs your hooks call.
flow_runners — source IPs for traffic generated when running your tests (browser for web, device for mobile). Changes without notice as we scale workers. Allowlist on firewalls protecting your app under test.

Staying in sync

We don’t notify when IPs change — the endpoint is the source of truth. Three patterns:

Poll from firewall-as-code (Terraform, Cloudflare Worker, CI cron). The endpoint sends Cache-Control: max-age=300, so daily polling is cheap.
Manual refresh. Pull once a month, paste into your firewall.
Broader CIDRs, no polling. GCP us-west1 (filter cloud.json for scope=us-west1) covers Android + web. 207.254.0.0/16 covers iOS. Less precise, zero maintenance.

If hooks start returning 401/403 or flows hit connection errors against your test target, your allowlist is likely stale — pull the endpoint and diff.

​Staying in sync

Staying in sync