Updated on 2025-08-12 GMT+08:00

Adding an Allowlist

You can configure an allowlist for trusted visitors. An allowlist can be configured by application, account, and client IP address.

After an allowlist policy is configured, the access that matches the allowlist will be permitted.

For example, for the application demo, the client IP address 172.xx.xx.28 is a trusted IP address, and the access from the client IP address 172.xx.xx.28 is allowed. The following describes how to add the client IP address 172.xx.xx.28 to the whitelist of application demo.

Procedure

  1. Log in to the web console of the API data security protection system as user sysadmin.
  2. In the navigation pane on the left, choose Security Policies > Allowlist.
  3. Click Add and set allowlist rule parameters.

    Figure 1 Configuring an allowlist rule
    Table 1 Allowlist rule parameters

    Parameter

    Description

    Rule Name

    Name of the allowlist rule.

    Description

    Rule description.

    Service Name

    Select the application assets the allowlist applies to.

    Rule Conditions

    Configure the rule conditions, including a client IP address, account, and account group.

    Effective Scope

    Configure the effective scope of the allowlist. When an access request matches the selected scope, the allowlist takes effect preferentially.

    For example, if you select Watermark for Effective scope, when the access matches the allowlist, the allowlist takes effect but the watermark does not take effect.

    Enabled/Disabled

    Enable or disable the allowlist.
    • Enabled status: The allowlist takes effect immediately after being added.
    • Disabled status: The rule does not takes effect after being added. You need to manually enable it.

  4. Click OK.
  5. Use the client IP address 172.xx.xx.28 to access application demo. The access is allowed.

Related Operations

On the Allowlist tab, you can also perform the following operations:
  • To modify an allowlist, locate it and click Edit on the right.
  • To delete an allowlist, locate it and click Delete on the right.
  • To delete allowlists in batches, select them all and click Delete in the upper right corner.
  • To enable allowlists in batches, select them all and click Enable in the upper right corner.
  • To disable allowlist in batches, select them all and click Disable in the upper right corner.