Go to docs navigationGo to article contentGo to table of contentsGo to footer navigation

Centra IPs

Last updated

  1. You would need an Integration API token with the read permissions for CentraIPs, this can be achieved by creating a new API token or updating an existing one with the correct permission.

    In all instances, you will need to access the Centra AMS backend by the URL: https://[brand].centra.com/[ams_path]/system/integration-api-tokens.

    Here you can create or update the integration with the read permission for CentraIP details. If you don't have access to Centra AMS, please contact the person in your organization who can create this token for you.

  2. With this token and URL you'll be able to run the following GraphQL query:

    1 2 3 4 5 6 curl \ -H 'Content-Type: application/json' \ -H "Authorization: bearer {{ token }}" \ -X POST \ -d '{"query": "query { centraIPs }"}' \ https://[brand].centra.com/graphql

  3. The output would be something like this:

    1 2 3 4 5 6 7 8 9 10 11 12 13 { "data": { "centraIPs": [ "123.123.123.123" ] }, "extensions": { "complexity": 10, "permissionsUsed": [ "CentraIP:read" ] } }

  4. The returned IP addresses are the ones that will be used for incoming and outgoing traffic, so it's critical they are allowed in your firewall. This can be queried every 10-15 minutes to be effective, since Centra IPs change rarely, and never without a good reason. This way you can keep an up-to-date list of your integrations + client IPs, if you need to.

    Please note that using this query is only required if you must use IP filtering on your end. Every Centra environment is always reachable via the DNS domain [client].centra.com, and even if the IP changes, the DNS should be updated immediately, so there should be no downtime.