IP address and domain reference
Use the information in this section to configure your network rules for PingOne. For PingOne to function correctly, you might need to configure your network to allow appropriate inbound and outbound traffic.
Inbound
PingOne provides services through several domains. The domains vary based on your organization’s region. These domains are for traffic inbound to PingOne.
Add the following domains to your allow list to ensure that the services are available.
| Region | Domain | ||
|---|---|---|---|
Australia |
api.pingone.com.au apps.pingone.com.au assets.pingone.com.au auth.pingone.com.au console.pingone.com.au http-access-api.pingone.au uploads.pingone.com.au uploads2.pingone.com.au |
||
Canada |
api.pingone.ca apps.pingone.ca assets.pingone.ca auth.pingone.ca console.pingone.ca http-access-api.pingone.ca uploads.pingone.ca uploads2.pingone.ca |
||
Europe |
api.pingone.eu apps.pingone.eu assets.pingone.eu auth.pingone.eu console.pingone.eu http-access-api.pingone.eu uploads.pingone.eu uploads2.pingone.eu |
||
North America (US) |
api.pingone.com apps.pingone.com assets.pingone.com auth.pingone.com console.pingone.com http-access-api.pingone.com uploads.pingone.com uploads2.pingone.com |
||
Singapore |
api.pingone.sg apps.pingone.sg assets.pingone.sg auth.pingone.sg console.pingone.sg http-access-api.pingone.sg uploads.pingone.sg uploads2.pingone.sg |
||
Asia Pacific (legacy)
|
api.pingone.asia apps.pingone.asia assets.pingone.asia auth.pingone.asia console.pingone.asia http-access-api.pingone.asia uploads.pingone.asia uploads2.pingone.asia |
|
The http-access-api.pingone.* domains handle requests from API gateway integration kits to PingOne Authorize API Access Management. Learn more about controlling access to your APIs in API Access Management. |
Firewall settings for end users accessing PingOne from your network
If your organization uses a firewall that restricts inbound traffic, follow the specific procedures for the operating system and the firewall you use to add the LaunchDarkly domain to the allow list. Adding this domain supports feature flag release management for early access or beta features in PingOne.
|
End users accessing PingOne from outside your organization’s network do not need to enable this domain. |
| Region | Domain |
|---|---|
North America - US |
launchdarkly.com |
Outbound
The static IP addresses listed in the Outbound section of the PingOne IP Addresses article on the Ping Identity Support page are used for traffic outbound from PingOne to other services. They’re region-specific and not tied to individual PingOne environments. The static IP addresses are production NAT gateways in each region that are used to send traffic for webhooks, provisioning, custom SMS, voice, or SMTP providers, and API calls made by PingOne DaVinci.
|
You might be prompted to sign on when accessing the Ping Identity Support page. |
Ensure that the static IP addresses are correctly tagged in your network infrastructure so they aren’t inadvertently blocked.
|
Because PingOne operates as a multitenant platform, outbound requests from any environment might originate from the same shared, region-specific IP addresses. Firewall or ingress controls based solely on the platform’s static IP addresses should not be relied upon as a comprehensive security measure. These platform IP addresses are best leveraged for traffic identification, monitoring, and management, in conjunction with additional edge or ingress security controls. |