In an effort to give NS1 customers an added layer of account security, we have released IP Whitelisting functionality for our management portal and API. This new feature lives in the Users & Teams of Portal v2 under the Account > Account Settings drop-down menu. API documentation has been updated to reflect these changes. Please note this functionality has not been added to Portal v1.
Global IP Whitelists
These whitelists are generated on an account-wide basis and apply to all teams, users and API keys that live within your NS1 account. The lone exception being when a team/user/key has more strict permissions set through the “Apply this IP Whitelist Exclusively” setting. We will expand upon this in a bit.
In the Users & Teams section of your portal, select the Users tab and click the pencil icon next to your username to edit permissions. Check the box next to "manage ip whitelist", scroll to the bottom of the modal and Save Changes.
This will cause the “Global IP Whitelist Records” to appear. Scroll here and click “Add Record.”
Enter a name for your new whitelist. Note that at this time we only accept IPv4 addresses in CIDR notation. As this example indicates, IP addresses can be entered individually or in blocks (eg. /24s).
Hit “Save Changes.” The portal will automatically offer to add the current user IP to that user’s IP Whitelist if it is not already included in the Global whitelist.
Team IP Whitelists
User permissions can be set in bulk under the Teams section, and we’ve now extended this functionality to include IP whitelists. NS1 users can now apply IP whitelists across a group of users or API keys to manage things more easily.
When you click the Teams tab, you’ll notice a padlock icon for managing IP whitelists. Simply click on this icon to add new IPs or edit an existing list.
To add multiple IPs to a list, hit Enter/Return or Tab on your keyboard. Be sure to give your whitelist a name and save changes.
Note that a team can have more than one whitelist assigned to it. After hitting save, simply click “Add Whitelist” to generate a new whitelist delegated to the team you’re currently working in. To manage other components of your team’s settings, click the arrow at the top left of the modal (in this example “< Development Team’s IP Whitelists”).
Individual User IP Whitelists
Whitelists can also be enabled at the user level. When editing an individual user or API key, you will now notice an option to add IP addresses along with a checkbox labeled “Apply this IP Whitelist Exclusively.”
This will enable a more strict enforcement of whitelists, meaning that any whitelists entered at the Global or Team level will be overridden and only the IPs entered here will be valid for this particular user. This works the same way for API keys.