Menu
Close
EmailContact
LoginLogin

IP Whitelisting

Domain IP Table

 

Following Domains, Service, Ports and IP addresses need to be whitelisted / enabled on the Proxy, Firewall and any other device that responsible for restricting traffic in your environment.

Type

Domains / IPs

Ports

Section A – You need to whitelist the following IPs irrespective of your journeys

IDfy Webservers

idp.idfy.com – 35.200.154.103

auth.kyc.idfy.com – 34.93.109.159

api.kyc.idfy.com – 34.93.93.212/34.117.83.134

Per Client Configuration:

  1. storage_auth: true and bucket_as_dns: true

    1. *.storage.pg.idfy.com – 35.244.9.232

      bucket_as_dns: true

      1. *.primary.kyc.idfystorage.com – 34.93.190.44 (deprecated for new clients)

  2. *: 

    1. https://storage.googleapis.com/.primary.kyc.idfystorage.com (deprecated for new clients)

In case you cant whitelist *.storage.pg.idfy.com reach out to the IDfy support team for your account-specific URL

TCP: 443

Section B – You need to whitelist the following IPs if you are performing assisted video journeys

Media Server VM Public IPs

ms.idfy.com – 34.93.225.192
ms.idfy.com – 34.93.239.12
ms.idfy.com – 35.200.139.235
ms.idfy.com – 34.93.72.119
ms.idfy.com – 34.93.19.44
ms.idfy.com – 35.200.133.205
ms.idfy.com – 34.93.116.221
ms.idfy.com – 35.200.253.71
ms.idfy.com – 35.200.217.110
ms.idfy.com – 34.93.254.153
ms.idfy.com – 34.93.61.121
ms.idfy.com – 34.93.5.0

agent.video-kyc.idfy.com – 334.93.109.159
ms.idfy.com – 4.93.30.35

 

 

UDP: 5000-65000

UDP: 3478

TCP: 3478

Section C – You need to whitelist the following IPs if you are using webhooks

Webhooks from IDfy

34.93.208.113

34.93.62.124

34.93.216.70

34.93.143.189

TCP: 443

Section D – You need to whitelist the following IPs if you are using the review dashboard

Storage

dashboard.kyc.idfy.com – 34.93.109.159

*.storage.pg.idfy.com – 35.244.9.232

In case you cant whitelist *.storage.pg.idfy.com reach out to the IDfy support team for your account-specific URL

 

TCP: 443

Section D – You need to support the following ciphers

 

 

Supported Ciphers

  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA2

The above cipher suites are not supported in Windows Server 2012.

https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-8 

To bridge this gap, we shall add support for these additional cipher suites –

  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA2

  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA3

  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

 

usinPer Client Configuration:

storage_auth: true and bucket_as_dns: true *.storage.pg.idfy.com – 35.244.9.232 bucket_as_dns: true *.primary.kyc.idfystorage.com – 34.93.190.44 (deprecated for new clients) *: https://storage.googleapis.com/.primary.kyc.idfystorage.com (deprecated for new clients) In case you cant whitelist *.storage.pg.idfy.com reach out to the IDfy support team for your account-specific URL

Main Sections