Whitelisting IPs

What are PagerDuty's IPs for whitelisting and firewall purposes?

Events API

The PagerDuty Events API, which is used for triggering, acknowledging, and resolving incidents, requires that your system be able to make outbound connections to events.pagerduty.com on TCP ports 80 or 443, depending on whether you would like to send events to PagerDuty via HTTP or HTTPS. Most integrations use HTTPS (TCP port 443).

events.pagerduty.com resolves to multiple IPs, which you can find by querying the A records using dig or nslookup.

Example Query

$ dig a +short events.pagerduty.com
events.gslb.pagerduty.com.
54.244.255.45
54.241.36.66
54.245.112.46

In this example, you see that PagerDuty's Events API is accessible at the IPs 54.244.255.45, 54.241.36.66, and 54.245.112.46.

REST API

To access our REST API, your system must be able to make outbound connections to <subdomain>.pagerduty.com or api.pagerduty.com on TCP port 443. Our REST API only allows HTTPS connections; HTTP connections are not allowed for security.

<subdomain>.pagerduty.com and api.pagerduty.com usually resolve to multiple IPs as well, however these IPs will be different than the ones used for our Events API or webhooks.

Example Query

$ dig a +short api.pagerduty.com
54.203.252.221
50.112.113.201
50.112.113.204

In this example, you see that PagerDuty's REST API is accessible at the IPs 54.203.252.221, 50.112.113.201, and 50.112.113.204.

Webhooks

Webhooks are HTTP or HTTPS calls sent from PagerDuty to your web server on the IP and port of your choosing. The current list of IPs that our webhooks are sent from can be found by querying the A records for webhooks.pagerduty.com.

Example Query

$ dig a +short webhooks.pagerduty.com
54.185.79.76
50.18.129.59
54.212.55.143
52.13.4.226
104.42.123.77
54.176.87.101

In this example, you see that PagerDuty is sending webhooks from the IPs 54.185.79.76, 50.18.129.59, 54.212.55.143, 52.13.4.226, 104.42.123.77, and 54.176.87.101.

Please be aware that the IPs above are only example DNS queries, and do not necessarily reflect the current IPs in use. These IPs can change at any time without warning. If we were to change IPs and your firewall policies were not updated, you will not be able to reach our API endpoints and/or you will stop receiving webhooks from PagerDuty.

If you are hardcoding IPs into your firewall, you can use a script to receive updates when the A records for these hostnames change, or perform lookups on the aforementioned hostnames regularly to update your configurations.

Whitelisting IPs