IP Allowlist

IP allowlist rules restrict documentation access to specific IP addresses or ranges. This is useful for limiting access to users within your corporate network.

How It Works

When IP rules are configured:

  1. User requests the documentation
  2. Their IP address is checked against all IP rules
  3. If the IP matches any rule, access is granted
  4. If no match, access is denied

When no IP rules are configured:

  • Access is allowed from any IP address

Adding an IP Rule

  1. Go to Access Rules or Repository Settings
  2. Click Add Rule
  3. Enter the IP address or CIDR range
  4. Click Add Rule

Supported Formats

Single IP Address

Allow a specific IP address:

192.168.1.100

CIDR Notation

Allow a range of IP addresses:

192.168.1.0/24    # Allows 192.168.1.0 - 192.168.1.255
10.0.0.0/8        # Allows 10.0.0.0 - 10.255.255.255
172.16.0.0/12     # Allows 172.16.0.0 - 172.31.255.255

IPv6

IPv6 addresses are also supported:

2001:db8::1
2001:db8::/32

Common CIDR Ranges

CIDRRangeAddresses
/32Single IP1
/24Class C256
/16Class B65,536
/8Class A16,777,216

Examples

Single Office

Allow access from your office IP:

203.0.113.50

Office Network

Allow access from your office network:

203.0.113.0/24

Multiple Offices

Add separate rules for each office:

203.0.113.0/24    # Tokyo office
198.51.100.0/24   # Osaka office
192.0.2.0/24      # New York office

VPN Range

Allow access from VPN users:

10.8.0.0/16

Best Practices

Use CIDR for Networks

Instead of adding individual IPs, use CIDR notation for network ranges:

# Good
192.168.1.0/24

# Less maintainable
192.168.1.1
192.168.1.2
192.168.1.3
... (256 entries)

Document Your Rules

Keep track of what each rule represents:

RuleDescription
203.0.113.0/24Main office
198.51.100.0/24Remote office
10.8.0.0/16VPN users

Regular Review

Periodically review IP rules to:

  • Remove outdated entries
  • Update ranges when network changes occur
  • Verify all necessary IPs are included

Troubleshooting

Access Denied from Expected IP

  1. Verify your current IP address
  2. Check if you are behind a proxy or NAT
  3. Ensure the rule includes your IP range
  4. Check for typos in the IP address or CIDR

Checking Your IP

You can check your current IP address using:

  • Your browser's developer tools (network tab)
  • Online services like whatismyip.com
  • Command line: curl ifconfig.me

Limitations

  • Rules are evaluated on each request
  • No caching of IP evaluation results
  • Changes take effect immediately