Versions Compared

Old Version 3

changes.mady.by.user Girish Reddy

Saved on

compared with

New Version Current

changes.mady.by.user Girish Reddy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Feature

Description

Allowlist IP Addresses

Defining IP allowlists In Jira Premium you can define an allowlist and block traffic from non-allowed sources. This will block out Forge apps as well, so you need to allow forge ip ranges.You can . You will get an error like this: {"code":403,"message":"The IP address has been rejected because it is not on the allowedlist. See your admin for more information."}

You need to configure IP allowlists by going to admin.atlassian.com, Security tab and clicking on IP allowlists. Currently you need to only allow these ranges:

8 Forge IP ranges (as documented in CHANGE-1168):

Code Block
18.236.52.165/32
34.215.254.205/32
35.160.6.102/32
52.43.192.52/32
52.89.100.78/32
54.190.195.254/32
54.214.155.219/32
54.218.196.28/32

14 Outgoing IP ranges (as documented in CHANGE-1523You can use these IP address ranges to allow Forge apps to make connections through firewalls or integrate with software (including Jira API) that has a managed IP allowlist.

Forge apps currently use the following IP address ranges for outbound connections (see Outgoing Connections):

Code Block
13.52.5.96/28
13.236.8.224/28
18.136.214.96/28
18.184.99.224/28
18.234.32.224/28
18.246.31.224/28
52.215.192.224/28
104.192.137.240/28
104.192.138.240/28
104.192.140.240/28
104.192.142.240/28
104.192.143.240/28
185.166.143.240/28
185.166.142.240/28

2401:1d80:3000:100::/61
2401:1d80:3000:200::/61
2401:1d80:3000:300::/61
2401:1d80:3000:400::/61
2401:1d80:3000:500::/61
2401:1d80:3000:600::/61
2401:1d80:3000:700::/61
2406:da18:809:e04::/63
2406:da18:809:e06::/64
2406:da1c:1e0:a204::/63
2406:da1c:1e0:a206::/64
2600:1f14:824:304::/63
2600:1f14:824:306::/64
2600:1f18:2146:e304::/63
2600:1f18:2146:e306::/64
2600:1f1c:cc5:2304::/63
2a05:d014:f99:dd04::/63
2a05:d014:f99:dd06::/64
2a05:d018:34d:5804::/63
2a05:d018:34d:5806::/64

To configure, go to admin.atlassian.com then browse to the Security tab and click on IP allowlists in the left side navigation. Now simply create an AllowAtlassianForge a rule like so below with the ip ranges from above:

Image Removedimage-20240509-172045.pngImage Added