Create an IP ACL

This API is used to create a new IP ACL.

Request#

Global API Key Authentication
Create an IP ACL with a randomly generated Id
POST/api/ip-acl
OpenAPI Spec
Global API Key Authentication
Create an IP ACL with the provided unique Id
POST/api/ip-acl/{ipAccessControlListId}

Request Parameters#

ipAccessControlListIdUUIDoptionalDefaults to secure random UUID

The Id to use for the new IP ACL. If not specified a secure random UUID will be generated.

Request Body#

ipAccessControlList.entriesArrayrequired

A list of IP ranges and the action to apply for each. One and only one entry must have a startIPAddress of * to indicate the default action of the IP ACL.

ipAccessControlList.entries[x].actionStringrequired

The action to take for this IP Range. The possible values are:

  • Allow - allow all IPs in the range
  • Block - block all IPs in the range
ipAccessControlList.entries[x].endIPAddressStringrequired

The ending IP (IPv4) for this range. The only time this is not required is when startIPAddress is equal to *, in which case this field is ignored. This value must be greater than or equal to the startIPAddress. To define a range of a single IP address, set this field equal to the value for startIPAddress.

ipAccessControlList.entries[x].startIPAddressStringrequired

The starting IP (IPv4) for this range.

ipAccessControlList.nameStringrequired

The unique name of this IP ACL.

Response#

The response for this API contains the IP ACL that was created.

Response Codes
CodeDescription
200The request was successful. The response will contain a JSON body.
400The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.
401You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
500There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

Response Body#

ipAccessControlListsArray

The list of all IP ACLs

ipAccessControlList.entriesArray

A list of IP ranges and the action to apply for each. One and only one entry will have a startIPAddress of * to indicate the default action of the IP ACL.

ipAccessControlList.entries[x].actionString

The action to take for this IP Range.

ipAccessControlList.entries[x].endIPAddressString

The ending IP (IPv4) for this range.

ipAccessControlList.entries[x].startIPAddressString

The starting IP (IPv4) for this range.

ipAccessControlList.nameString

The unique name of this IP ACL.

Example IP ACL response JSON

{
  "ipAccessControlList": {
    "name": "Block two specific ranges",
    "entries": [
      {
        "action": "Allow",
        "startIPAddress": "*"
      },
      {
        "action": "Block",
        "startIPAddress": "76.104.0.0",
        "endIPAddress": "76.104.255.255"
      },
      {
        "action": "Block",
        "startIPAddress": "71.205.0.0",
        "endIPAddress": "71.205.255.255"
      }
    ],
    "id": "2d9f1c45-725a-4718-b631-b40b7180dbf5",
    "insertInstant": 1628887035851,
    "lastUpdateInstant": 1628887035851
  }
}