For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Sign inTry it free
DocsGuidesSDKsIntegrationsAPI docsTutorialsFlagship blog
DocsGuidesSDKsIntegrationsAPI docsTutorialsFlagship blog
  • Get started
    • Overview
    • Onboarding
    • Get started
    • Launch Insights
    • LaunchDarkly architecture
    • LaunchDarkly vocabulary
  • AgentControl
    • AgentControl
    • Manage AgentControl
  • Feature flags
    • Create flags
    • Target with flags
    • Flag templates
    • Manage flags
    • Code references
    • Contexts
    • Segments
  • Releases
    • Releasing features with LaunchDarkly
    • Release policies
    • Percentage rollouts
    • Progressive rollouts
    • Guarded rollouts
    • Feature monitoring
    • Release pipelines
    • Engineering insights
    • Release management tools
    • Applications and app versions
    • Change history
    • Restoring previous flag versions
  • Observability
    • Observability
    • Session replay
    • Error monitoring
    • Logs
    • Traces
    • Observability metrics
    • Product analytics events
    • LLM observability
    • Alerts
    • Dashboards
    • Service map
    • Vega for auto-remediation
    • Observability MCP server
    • Search specification
    • Observability settings
    • Observability integrations
  • Experimentation
    • Experimentation
    • Experiment metric types
    • Experiment configuration
    • Managing experiments
    • Analyzing experiments
    • Multi-armed bandits
    • Holdouts
  • Metrics and events
    • Metrics in LaunchDarkly
    • Creating metrics
    • Metric groups
    • Events
    • Autogenerated metrics
  • Warehouse native
    • Warehouse native metrics
    • Setting up external warehouses
    • Creating experiments using warehouse native metrics
  • Infrastructure
    • Connect apps and services to LaunchDarkly
    • LaunchDarkly in China and Pakistan
    • LaunchDarkly in the European Union (EU)
    • LaunchDarkly in federal environments
    • Public IP list
  • Your account
    • Projects
    • Views
    • Environments
    • Tags
    • Teams
    • Members
    • Roles
    • Account security
      • Single sign-on
      • API access tokens
      • Multi-factor authentication
      • Domain verification
      • IP allowlist
      • Managing sessions
      • Organization access settings
      • Organization announcements
      • Support options
      • Resetting your password
    • Feature previews
    • Billing and usage
    • Changelog
Sign inTry it free
LogoLogo
On this page
  • Overview
  • View the IP address allowlist
  • Add an address or range to the IP allowlist
  • Restricting or allowing access
  • Manage access to the app in a browser
  • Manage access to the REST API
  • Manage access to both the REST API and the app in a browser
  • Delete an address or range from the IP allowlist
Your accountAccount security

IP allowlist

Was this page helpful?
Previous

Managing sessions

Next
Built with
IP allowlists are available to customers on select plans

IP allowlists are only available to customers on select plans. To learn more, read about our pricing. To upgrade your plan, contact Sales.

Overview

This topic explains how to create and maintain an IP address allowlist to help manage access to the LaunchDarkly app and the REST API.

Maintaining an IP allowlist lets you configure specific IP addresses that can access your LaunchDarkly app using a browser, the LaunchDarkly REST API, or both. This gives you control over the locations from which your members can access their LaunchDarkly account.

The IP allowlist supports both individual IP addresses and classless inter-domain routing (CIDR) ranges. The allowlist supports IPv4 values. LaunchDarkly does not support connections over IPv6.

If you’re looking for the list of LaunchDarkly public IP addresses, read Public IP list.

View the IP address allowlist

To view your IP address allowlist, click the gear icon in the left navigation to view organization settings. Then, click Security and scroll to the “IP allowlist” section:

An IP allowlist in LaunchDarkly.

An IP allowlist in LaunchDarkly.

Add an address or range to the IP allowlist

You can add a single IP address or a CIDR range to the allowlist. Here are examples of how to format them:

  • single IP address: 198.51.100.0
  • CIDR range: 198.51.100.0/24

To add a new IP address or CIDR range:

  1. Click the gear icon in the left sidenav to view Organization settings.
  2. Click Security.
  3. Scroll to the “IP allowlist” section.
  4. Click Add IP address. An “Add IP address” dialog appears.
  5. Enter an IP address or range.
  6. (Optional) Enter a Description.
  7. Click Add to allowlist.

The IP address or range appears in the list.

Restricting or allowing access

For the IP addresses and CIDR ranges in the allowlist, you can allow or restrict access to the LaunchDarkly app in a browser, the REST API, or both.

Manage access to the app in a browser

To restrict access to the app in a browser, toggle the “Browser allowlist” toggle On. When toggled on, your members can only interact with the app in a browser from the IP addresses and ranges in the allowlist.

To allow your members to interact with the app in a browser from any IP address or range, toggle the “Browser allowlist” Off.

The default setting for both toggles is Off.

Manage access to the REST API

To restrict access to the REST API, toggle the “API token allowlist” toggle On. When toggled on, your members can only interact with the REST API from the IP addresses and ranges in the allowlist.

To allow your members to interact with the REST API from any IP address or range, toggle the “API token allowlist” Off.

Manage access to both the REST API and the app in a browser

To restrict access to both the app in a browser and the REST API, toggle both the “API token allowlist” and the “Browser allowlist” toggles On.

Delete an address or range from the IP allowlist

To delete an IP address or CIDR range:

  1. Click the gear icon in the left sidenav to view Organization settings.
  2. Click Security.
  3. Scroll to the “IP allowlist” section.
  4. Click the three-dot overflow menu next to the IP address you want to delete.
  5. Select Remove from allowlist. A “Remove from allowlist” dialog appears.
  6. Enter the IP address or range to Confirm.
  7. Click Remove from allowlist.

The IP address or range is removed from the list.