How to define an API key to work only within a specific IP range in five easy steps
In the example below we will use https://www.whatismyip.com/ to get our IP address.
We will use https://www.ipaddressguide.com/cidr to convert the desired IP range to format CIDR (Classless Inter-Domain Routing).
ONE
Our IP address is 212.205.179.166
The CIDR format for range 212.205.179.166 – 212.205.179.167 (which includes our IP address) is 212.205.179.166/31
TWO
When creating a new API key or editing an existing API key we will add 212.205.179.166/31 for the IP range
THREE
We will test this IP from the computer with IP address 212.205.179.166 by doing a GET on a bibliographic record. It works.
FOUR
Now in the IP range of the same API key we will put 212.205.179.168/31 which is the CIDR format for IP range 212.205.179.166 – 212.205.179.167 (which does not include our IP address)
FIVE
Now the API does not work and gives message “HTTP requests from IP address 212.205.179.166 are not allowed”
5 Replies to “How to define an API key to work only within a specific IP range in five easy steps”
Leave a Reply
You must be logged in to post a comment.
It doesn’t look like you can enter more than one address/range, making it less useful for those keys that are used by multiple staff working from different networks. Does Ex Libris have plans to add this functionality in the future?
Dear LHL support.
1. you are correct that the user cannot enter more than one address/range here.
2. There are no plans to change this.
3. The institution can create multiple keys, whereby each key will use a different IP
How can I put two ranges of IP?
Hi Stephen:
It is not possible to enter multiple IP ranges here.
Thank you,
Yoel
Update:
We added support for multiple ranges.
Separated by commas (without spaces). For example: 1.2.3.4/16,5.6.7.8/32
Nice day,
Ori
Alma Dev.