How to define an API key to work only within a specific IP range in five easy steps
In the example below we will use https://www.whatismyip.com/ to get our IP address.
We will use https://www.ipaddressguide.com/cidr to convert the desired IP range to format CIDR (Classless Inter-Domain Routing).
Our IP address is 188.8.131.52
The CIDR format for range 184.108.40.206 – 220.127.116.11 (which includes our IP address) is 18.104.22.168/31
When creating a new API key or editing an existing API key we will add 22.214.171.124/31 for the IP range
We will test this IP from the computer with IP address 126.96.36.199 by doing a GET on a bibliographic record. It works.
Now in the IP range of the same API key we will put 188.8.131.52/31 which is the CIDR format for IP range 184.108.40.206 – 220.127.116.11 (which does not include our IP address)
Now the API does not work and gives message “HTTP requests from IP address 18.104.22.168 are not allowed”