You need to sign in to do that
Don't have an account?
Narrower SFDC IP range
Hi Folks,
We're trying to intergrate SFDC with an external system via outbound message, as a security measure I have asked the external system team to lock down their client to only receive message from:
204.14.232.0/21
96.43.144.0/20
the security team on the external system requested a narrower range, as they don't normally open accesses to such broad range of IP addresses.
Is there a way to know the exact(or narrower range) IP address of my organization (both for sandbox and production)? and secondly is there a risk that this IP range (if there is even a way to find that out in the first place) changes over time?
Thanks,
Sunny_Slp
Salesforce.com owns the whole netblock so they should have less concerns. Salesforce wants all of those open so they can re-arrange servers without sending customer emails. You should concider using layers of defence, IP address is only a basic layer. Are you validating salesforce.com is calling with Certificates? Validating the SSL session is important as IP addresses are easy to spoof. And of course you can use a shard secret or token in the post to validate the calling application as well.