API Key IP Whitelisting Policy

To enhance the security of your integrations, Nomsa now supports IP whitelisting for all API keys.

For New API Keys (Created on or after June 16)

IP whitelisting is mandatory for all newly generated API keys.

  • You must provide at least one valid IPv4 address when creating a new key visit.

  • API keys will not be active or usable until a valid IP address is added to the whitelist.

For Legacy API Keys (Created before June 16)

  • Existing (legacy) API keys will continue to function without IP restrictions.

  • However, for enhanced security, you are encouraged to manually enable IP whitelisting. visit.

  • Once IP whitelisting is enabled, the API key will only accept requests from the specified IP addresses.

IP Whitelisting Rules and Limitations Rule Details

Rule
Details

Format

Only IPv4 addresses are supported (e.g., 192.168.1.100)

Maximum allowed

Up to 20 IP addresses per API key

Legacy Key Support

Optional – Can be configured manually

Duplicate prevention

Duplicate IPs are not allowed

Range support

CIDR notation and IP ranges are not supported

Requirement for New Keys

Yes – At least one IP must be added during key generation

Note: Always update your whitelist when your server IP changes to ensure continued access.

How to Configure IP Whitelist for Legacy API Keys

Navigate to API Keys Settings section in your account. Locate your Legacy API Keys and click Edit, scroll to the IP Whitelist section. Click Add New and enter up to 20 IPv4 addresses. Click Update Key to save and apply the changes.

Once configured, the legacy API key will accept requests only from the specified IP addresses.

PreviousGenerate your API KeyNextRotate your API Key

Last updated