Skip to main content

Authorize IP addresses for API calls to improve security

Sendinblue filters attempt to make API calls on your account based on their IP address. This feature is helpful to secure your account and prevent malicious activity.

💡 Good to know
This feature is activated by default and can be disabled, to learn how, go to Option 3. Disable the IP address detection and authorization.

Why controlling unknown IP addresses attempting API calls is good practice?

Having control over unknown IP addresses that attempt to make API calls on your account will improve security. Indeed, private data can be accessed this way and you may want to add an extra layer of security. You can do it in Sendinblue by authorizing a group of IPs to make your API calls.

💡 Good to know
Sendinblue allows you to use an API key and API calls to remotely perform actions like sending emails, SMS, and transactional emails. 
To learn more about API keys, check our dedicated article What’s an API key and how can I get mine?

What's an IP address?

Each time a user makes an API call on your account, their IP address is registered on the platform. An IP address is an address that identifies a device on the internet. In the context of Sendinblue, an IP address can identify the origin of the API call. Authorizing certain IP addresses allows you to make sure you know the origin of the API calls made on your account. IP addresses can be grouped in what we call "IP ranges".

Authorize IP addresses

Each time an API call is made, we register the IP address it comes from on the platform. You can then authorize or not the new IP address from the Authorized IPs section.

You have three possibilities for this: 

  • Option 1. Let Sendinblue powerful algorithm authorize IP addresses and only review the ones that are suspicious. [by default] 
  • Option 2. Manually authorize IP addresses and review all unknown IP addresses.
  • Option 3. Disable the Authorized IPs option and allow all IP addresses to make API calls.
❗️ Important
Only account owners can authorize new IP addresses. 

To access the Authorized IPs section, click the profile button > Security > Authorized IPs

mceclip0.png

mceclip1.png

Option 1. Automatically authorize IP addresses [by default] 

mceclip2.png

By default, this option is enabled on your account and is the quickest and safest way to secure who asks for API calls.

Keep this option if you want Sendinblue's powerful algorithm to automatically filter every unknown IP address trying to make API calls and authorize on your behalf the IP address we don't consider as suspecious. 

If Sendinblue cannot automatically authorize an IP address, we send you an email. In the email, you get to directly:

  • Authorize the new IP address.
  • Not authorize it and change the API Key.
  • Stop the review of IP addresses and authorize every new IP address. 

➡️ Once an IP address is authorized, the IP address is added to the list of authorized IP addresses. 

mceclip3.png

Option 2. Authorize and review unknown IP addresses yourself

mceclip4.png

Choose this option if you want to authorize yourself unknown IP addresses: from a warning email or manually from Sendinblue. 

Every time an IP address that isn't in your authorized IP addresses list tries to make an API call, we will send you an email warning you about it. In the email, you get to directly:

  • Authorize the new IP address.
  • Not authorize it and change the API Key.
  • Stop the review of IP addresses and authorize every new IP address. 

Manually authorize new IP addresses

Authorizing an IP address from an email we sent you is not the only way to do so. You can also manually authorize new IP addresses. 

  1. Click Authorize new IP address
    mceclip5.png
  2. Type the IP address or IP address range you want to authorize. 
    mceclip6.png
    💡 Good to know
    An IP address is structured as a following of 4 numbers separated by points. 
    Example: 118.29.251.24
    Each number is between 0 and 255. 
    An IP address range is a group of IP addresses. 
    Example of IP address range: 192.168.0/16
  3. Click Authorize new IP

Option 3. Disable the IP address detection and authorization

mceclip7.png

If you disable the IP addresses authorization, every IP address making API calls on your account will be accepted. The following API calls on your account will not be filtered and be automatically accepted. The list of authorized IP will also disappear. 

Manually remove authorized IP addresses

As we saw earlier, when an IP address is authorized, the IP address is added to your authorized IP addresses tab. From this tab, you can decide to remove IP address yourself. 

To do so: 

  1. Go to the authorized IP addresses list. 
  2. Select the IP address you want to exclude. 
    mceclip8.png
  3. Click Remove this authorized IP address

The IP address is removed and cannot perform API calls anymore. 

However, if the automatic authorization option is enabled, and the IP address performs another API call, the removed IP address can be authorized again if it is considered trustworthy. Or you can receive a confirmation email again to authorize it. 

🤔 Have a question?

If you have a question, feel free to contact our support team by creating a ticket from your account. If you don't have an account yet, you can contact us here.