> ## Documentation Index
> Fetch the complete documentation index at: https://docs-staging-quickstart-revamp.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

> Lists Auth0 IP addresses for use in allow lists for inbound traffic behind a firewall.

# Auth0 IP Addresses for Allow Lists

If you have custom code executing in Auth0 that calls a service inside your network, or if you've configured an on-premise SMTP provider in Auth0, then you may need to configure your firewall to allow inbound traffic from Auth0.

Features that may require you to allow inbound traffic from Auth0 include:

* [Actions](/docs/customize/actions)
* [Rules](/docs/customize/rules)
* [Hooks](/docs/customize/hooks)
* [Custom Database Action Scripts](/docs/authenticate/database-connections/custom-db/templates)
* [Log Streams](/docs/customize/log-streams)
* [External STMP Email Providers](/docs/customize/email/smtp-email-providers)

## Outbound calls

<Callout icon="file-lines" color="#0EA5E9" iconType="regular">
  IP addresses are subject to change. In the event of an IP address change, Auth0 sends notifications several months before changes take place. The lists are up-to-date at the time of writing.
</Callout>

When Auth0 makes outbound calls, the IP addresses are static. Auth0 translates internal IP addresses to one of the displayed options when reaching out using NAT.

### Public Cloud

For Public Cloud tenants, the IP addresses that you must allow through your firewall are specific to the tenant's region.

The list of IP addresses for each region are listed below:

#### United States

174.129.105.183, 18.116.79.126, 18.117.64.128, 18.191.46.63, 18.218.158.118, 18.218.26.94, 18.232.225.224, 18.233.90.226, 3.131.238.180, 3.131.55.63, 3.132.201.78, 3.133.18.220, 3.134.176.17, 3.19.44.88, 3.20.16.23, 3.20.244.231, 3.21.254.195, 3.211.189.167, 34.211.191.214, 34.233.19.82, 34.233.190.223, 35.160.3.103, 35.162.47.8, 35.166.202.113, 35.167.74.121, 35.171.156.124, 35.82.131.220, 44.205.93.104, 44.218.235.21, 44.219.52.110, 44.224.190.45, 44.246.144.93, 52.12.243.90, 52.14.149.14, 52.2.61.131, 52.204.128.250, 52.206.34.127, 52.33.36.223, 52.43.255.209, 52.88.192.232, 52.89.116.72, 54.145.227.59, 54.157.101.160, 54.200.12.78, 54.209.32.202, 54.245.16.146, 54.245.93.221, 54.68.157.8, 54.69.107.228

#### Europe

18.197.9.11, 18.198.229.148, 3.125.185.137, 3.65.249.224, 3.67.233.131, 3.68.125.137, 3.72.27.152, 3.74.90.247, 34.246.118.27, 35.157.198.116, 35.157.221.52, 52.17.111.199, 52.19.3.147, 52.208.95.174, 52.210.121.45, 52.210.122.50, 52.28.184.187, 52.30.153.34, 52.57.230.214, 54.228.204.106, 54.228.86.224, 54.73.137.216, 54.75.208.179, 54.76.184.103

#### Australia

13.210.52.131, 13.238.180.132, 13.55.232.24, 16.50.37.252, 16.51.137.244, 16.51.49.47, 54.153.131.0, 54.252.2.143, 54.79.31.78

#### Canada

15.222.97.193, 3.97.144.31, 40.176.144.225, 40.176.166.165, 40.177.34.170, 99.79.94.44

#### Japan

13.208.85.227, 15.152.185.222, 15.152.2.46, 15.152.28.221, 15.152.56.146, 15.152.95.63, 176.34.22.106, 35.74.30.168, 43.206.201.6, 46.51.243.250, 54.150.87.80, 54.248.192.141

#### United Kingdom

18.135.40.36, 3.10.89.10, 3.8.59.62

### Private Cloud

For Private Cloud tenants, the IP addresses that you must allow through your firewall are unique to the tenant's environment. Auth0 may receive your tenant's private IP addresses if you enable features like Tenant Logs, <Tooltip tip="Suspicious IP Throttling: Form of attack protection that protects your tenant against suspicious logins targeting too many accounts from a single IP address." cta="View Glossary" href="/docs/glossary?term=Suspicious+IP+throttling">Suspicious IP throttling</Tooltip>, Custom Databases, and Actions that rely on them.

These IP addresses are known as **Primary Egress IPs** and are listed under the environment's configuration data available in the [Auth0 Support Center](https://support.auth0.com/tenants/private).

## Inbound calls

IP addresses related to inbound calls to Auth0 may be variable due to the lack of fixed IP addresses on the load balancers. In this case, firewall rules should operate on the name of the service (for example: `<YOUR_TENANT>.<YOUR_REGION>.auth0.com`).

If your Auth0 subscription allows you to configure a self-managed <Tooltip tip="Custom Domain: Third-party domain with a specialized, or vanity, name." cta="View Glossary" href="/docs/glossary?term=custom+domain">custom domain</Tooltip>, you can configure that custom domain to have a static IP address. Self-managed custom domains give you control over the network entry point and let you ensure that the IP address is fixed. For information on subscription plans, see [Auth0 Pricing](https://auth0.com/pricing).

## Learn more

* [Auth0 Public Cloud Service Endpoints](/docs/troubleshoot/customer-support/operational-policies/public-cloud-service-endpoints)
* [Configure External SMTP Email Providers](/docs/customize/email/smtp-email-providers)
* [Custom Database Connection Security Best Practices](/docs/authenticate/database-connections/custom-db/custom-database-connections-scripts/connection-security)
