Auth0 IP Addresses for Allow Lists
If you have custom code executing in Auth0 that calls a service inside your network, or if you've configured an on-premise SMTP provider in Auth0, then you may need to configure your firewall to allow inbound traffic from Auth0.
Features that may require you to allow inbound traffic from Auth0 include:
Outbound calls
IP addresses are subject to change. In the event of an IP address change, Auth0 sends notifications several months before changes take place. The lists are up-to-date at the time of writing.
When Auth0 makes outbound calls, the IP addresses are static. Auth0 translates internal IP addresses to one of the displayed options when reaching out using NAT.
Public Cloud
For Public Cloud tenants, the IP addresses that you must allow through your firewall are specific to the tenant's region.
The list of IP addresses for each region are listed below:
United States
174.129.105.183, 18.116.79.126, 18.117.64.128, 18.191.46.63, 18.218.26.94, 18.232.225.224, 18.233.90.226, 3.131.238.180, 3.131.55.63, 3.132.201.78, 3.133.18.220, 3.134.176.17, 3.19.44.88, 3.20.244.231, 3.21.254.195, 3.211.189.167, 34.211.191.214, 34.233.19.82, 34.233.190.223, 35.160.3.103, 35.162.47.8, 35.166.202.113, 35.167.74.121, 35.171.156.124, 35.82.131.220, 44.205.93.104, 44.218.235.21, 44.219.52.110, 52.12.243.90, 52.2.61.131, 52.204.128.250, 52.206.34.127, 52.43.255.209, 52.88.192.232, 52.89.116.72, 54.145.227.59, 54.157.101.160, 54.200.12.78, 54.209.32.202, 54.245.16.146, 54.68.157.8, 54.69.107.228, 35.163.239.160, 35.84.251.254, 35.167.18.198, 52.24.135.235, 34.194.64.147, 3.223.155.184, 3.211.51.217, 35.169.92.26, 52.44.86.45
Europe
18.197.9.11, 18.198.229.148, 3.125.185.137, 3.65.249.224, 3.67.233.131, 3.68.125.137, 3.72.27.152, 3.74.90.247, 34.246.118.27, 35.157.198.116, 35.157.221.52, 52.17.111.199, 52.19.3.147, 52.208.95.174, 52.210.121.45, 52.210.122.50, 52.28.184.187, 52.30.153.34, 52.57.230.214, 54.228.204.106, 54.228.86.224, 54.73.137.216, 54.75.208.179, 54.76.184.103, 52.28.75.205, 3.76.59.117, 35.156.61.80, 34.252.84.13, 54.73.157.249, 54.195.132.232
Australia
13.210.52.131, 13.238.180.132, 13.55.232.24, 16.50.37.252, 16.51.137.244, 16.51.49.47, 54.153.131.0, 54.252.2.143, 54.79.31.78
Canada
15.222.97.193, 3.97.144.31, 40.176.144.225, 40.176.166.165, 40.177.34.170, 99.79.94.44
Japan
13.208.85.227, 15.152.185.222, 15.152.2.46, 15.152.28.221, 15.152.56.146, 15.152.95.63, 176.34.22.106, 35.74.30.168, 43.206.201.6, 46.51.243.250, 54.150.87.80, 54.248.192.141
United Kingdom
18.135.40.36, 3.10.89.10, 3.8.59.62
Private Cloud
For Private Cloud tenants, the IP addresses that you must allow through your firewall are unique to the tenant's environment. Auth0 may receive your tenant's private IP addresses if you enable features like Tenant Logs, Suspicious IP throttling, Custom Databases, and Actions that rely on them.
These IP addresses are known as Primary Egress IPs and are listed under the environment's configuration data available in the Auth0 Support Center.
Inbound calls
IP addresses related to inbound calls to Auth0 may be variable due to the lack of fixed IP addresses on the load balancers. In this case, firewall rules should operate on the name of the service (for example: <YOUR_TENANT>.<YOUR_REGION>.auth0.com).
If your Auth0 subscription allows you to configure a self-managed custom domain, you can configure that custom domain to have a static IP address. Self-managed custom domains give you control over the network entry point and let you ensure that the IP address is fixed. For information on subscription plans, see Auth0 Pricing.