Skip to main content

Firewall Configuration

Updated over a month ago

This document presents the domain names and IP that should be whitelisted by a client in their network to allow telemetry data to be exported from the site and for users to access the application.

Application Access

For access to the application by tablets, phones and desktop computers, the following wildcard domains should be whitelisted to allow HTTP traffic on port 80 and 443:

  • *.iotorq.com

  • *.ingest.sentry.io (used for telemetry and error reporting)

If it's not possible to use wildcard domains, then the following domains should be whitelisted on port 80 and 443:

  • Client customer domain: <client>.iotorq.com (ex: panevo.iotorq.com)

  • activity.iotorq.com

  • 478411.ingest.sentry.io

Note that these domains don't have a static IP and their IP can change over time.

Intercom Messenger Widget

The application uses Intercom for in-app messaging and support. The following domains must be whitelisted on port 443 (HTTPS) for the messenger widget to function properly:

Option 1: Wildcard Domains (Recommended)

  • *.intercom.io

  • *.intercom-messenger.com

  • *.intercomcdn.com

  • *.intercomcdn.eu

  • *.intercomassets.com

  • *.intercomassets.eu

  • *.intercomusercontent.com

  • *.intercom-attachments-1.com

  • *.intercom-attachments-2.com

  • *.intercom-attachments-3.com

  • *.intercom-attachments-4.com

  • *.intercom-attachments-5.com

  • *.intercom-attachments-6.com

  • *.intercom-attachments-7.com

  • *.intercom-attachments-8.com

  • *.intercom-attachments-9.com

  • *.intercom-attachments.eu

  • *.au.intercom-attachments.com

  • intercom.help

  • intercom-sheets.com

  • www.intercom-reporting.com

Option 2: Explicit Domains

If wildcard domains are not supported, the following explicit domains must be whitelisted:

Core Services

  • app.intercom.io

  • widget.intercom.io

  • via.intercom.io

API Endpoints

  • api.intercom.io

  • api.eu.intercom.io

  • api.au.intercom.io

  • api-iam.intercom.io

  • api-iam.eu.intercom.io

  • api-iam.au.intercom.io

  • api-ping.intercom.io

WebSocket Connections

  • nexus-websocket-a.intercom.io

  • nexus-websocket-b.intercom.io

  • nexus-europe-websocket.intercom.io

  • nexus-australia-websocket.intercom.io

  • *.intercom-messenger.com (real-time messaging - wildcard required)

Messenger Apps

  • messenger-apps.intercom.io

  • messenger-apps.eu.intercom.io

  • messenger-apps.au.intercom.io

Static Assets & CDN

  • js.intercomcdn.com

  • fonts.intercomcdn.com

  • static.intercomassets.com

  • static.intercomassets.eu

  • static.au.intercomassets.com

Downloads

  • downloads.intercomcdn.com

  • downloads.intercomcdn.eu

  • downloads.au.intercomcdn.com

Uploads

  • uploads.intercomcdn.com

  • uploads.intercomcdn.eu

  • uploads.au.intercomcdn.com

  • uploads.eu.intercomcdn.com

  • uploads.intercomusercontent.com

Media Content

  • gifs.intercomcdn.com

  • video-messages.intercomcdn.com

File Attachments

  • *.intercom-attachments-1.com

  • *.intercom-attachments-2.com

  • *.intercom-attachments-3.com

  • *.intercom-attachments-4.com

  • *.intercom-attachments-5.com

  • *.intercom-attachments-6.com

  • *.intercom-attachments-7.com

  • *.intercom-attachments-8.com

  • *.intercom-attachments-9.com

  • *.intercom-attachments.eu

  • *.au.intercom-attachments.com

Help & Reporting

  • intercom.help

  • intercom-sheets.com

  • www.intercom-reporting.com

WebSocket Protocol Note

Some Intercom domains use both HTTPS and WebSocket Secure (WSS) protocols over port 443. If your firewall requires explicit WebSocket protocol approval, ensure that WebSocket upgrade requests are allowed for the domains listed in the WebSocket Connections section above

Did this answer your question?