Automation Cloud - Configuring the firewall

Automation Cloud Portal

Scenario	Domains to Allow
Sign in with basic authentication	`https://account.uipath.com` `https://cloud.uipath.com` `https://platform-cdn.uipath.com`
Sign in with Microsoft	`https://aadcdn.msftauth.net` `https://account.uipath.com` `https://cloud.uipath.com` `https://login.live.com` `https://login.microsoftonline.com` `https://platform-cdn.uipath.com`
Sign in with Google	`https://account.uipath.com` `https://accounts.google.com` `https://cloud.uipath.com` `https://google.com` `https://lh3.googleusercontent.com` `https://platform-cdn.uipath.com`
Sign in with LinkedIn	`https://account.uipath.com` `https://cloud.uipath.com` `https://lnkd.demdex.net` `https://platform-cdn.uipath.com` `https://platform.linkedin.com` `https://static-exp1.licdn.com` `https://www.linkedin.com`
Sign in with Azure Active Directory (Azure AD)	`https://aadcdn.msftauth.net` `https://cloud.uipath.com` `https://login.microsoftonline.com`
Sign in with UiPath Assistant (basic email)	`*-signalr.service.signalr.net` For events related to signing in with basic authentication: `https://account.uipath.com` `https://cloud.uipath.com` `https://platform-cdn.uipath.com`
Sign in with UiPath Studio (basic email)	`https://api.nuget.org` `*-signalr.service.signalr.net` `https://gallery.uipath.com` `https://pkgs.dev.azure.com` For events related to signing in with basic authentication: `https://account.uipath.com` `https://cloud.uipath.com` `https://platform-cdn.uipath.com`
Sign in for the first time / Reset password	`uipath.eu.auth0.com` `account.uipath.com`
Issuing the certificate for the site	`sni.cloudflaressl.com`
Static assets: Fonts, Styling and CDN hosted scripts	Fonts: `https://use.typekit.net` `https://fonts.gstatic.com` `https://platform-cdn.uipath.com` Images: `https://s.gravatar.com` `https://secure.gravatar.com` `https://.wp.com` `https://.googleusercontent.com` `https://i.ytimg.com` `https://platform-cdn.uipath.com` CSS: `https://fonts.googleapis.com/css` `https://use.typekit.net` `https://p.typekit.net` `https://platform-cdn.uipath.com` Scripts: `https://primer.typekit.net` `https://use.typekit.net` `https://platform-cdn.uipath.com`
Dynamic Feature Enablement	`https://app.launchdarkly.com` `https://clientstream.launchdarkly.com` `https://events.launchdarkly.com`
Sign in via Auth0 (for EU)	`uipath.eu.auth0.com`
Update services	`ctldl.windowsupdate.com` To configure network connections, use Microsoft documentation.

Outbound IPs to enable a firewall for the customer-managed key

We recommend allowing these IPs, which enable a firewall for the customer-managed key.

For details, refer to the Enabling the firewall for the customer-managed key documentation.

20.213.69.140/30
20.92.42.116/30
20.220.159.8/30
20.104.134.160/30
20.239.121.152/30
20.232.224.12/30
20.78.114.120/30
104.215.9.124/30
20.166.153.132/30
20.198.150.140/30
20.23.210.168/30
20.66.65.144/30
20.219.182.96/30
52.140.57.140/30
20.90.169.148/30
51.142.146.56/30

Important: If you use Azure buckets, they must not be located in the tenant's region or in the failover region.

Action Center

Scenario	Domains to Allow
Authentication	`https://cloud.uipath.com/` `https://account.uipath.com/` `https://lh3.googleusercontent.com/`
Navigate to Action Center page	`https://cloud.uipath.com/` `https://uipath-acc-prod.azureedge.net/` `.launchdarkly.com` `https://www.youtube.com/` `blob:https://cloud.uipath.com` `https://platform-cdn.uipath.com/` `https://fonts.gstatic.com/` `.googleapis.com`
View/Assign/Un-assign/Delete an Action	`https://cloud.uipath.com/` `https://api.smartling.com/` `https://uipath-acc-prod.azureedge.net/` `.cloudfront.net` `https://platform-cdn.uipath.com/` `https://fonts.gstatic.com/` `.googleapis.com` `*.launchdarkly.com`
Storage bucket (File upload/download)	`*.blob.core.windows.net`

AI Center

Module or Scenario	Domains to Allow
AI Center
Identity Server	`https://cloud.uipath.com`
PkgManager	`https://cloud.uipath.com`
Deployer	`https://cloud.uipath.com`
Helper	`https://cloud.uipath.com`
Trainer	`https://cloud.uipath.com`
AppManager	`https://cloud.uipath.com`
Upload files	`https://aifstgdatawetraining.blob.core.windows.net`
Third-party Services
AppInsights	`https://bam.eu01.nr-data.net`
Static Assets	`https://aifstgassets.azureedge.net` `https://i2.wp.com/cdn.auth0.com` `https://api.smartling.com` `https://s.gravatar.com` `https://js-agent.newrelic.com` `https://aifstgassets.azureedge.net` `https://fonts.gstatic.com` `https://use.typekit.net` `https://aifstgassets.azureedge.net` `https://fonts.googleapis.com` `https://d2c7xlmseob604.cloudfront.net` `https://i2.wp.com/cdn.auth0.com`
Navigate to AI Center
Permissions	`https://cloud.uipath.com`
OpenId configuration	`https://cloud.uipath.com` `https://dc.services.visualstudio.com` `https://d2c7xlmseob604.cloudfront.net` `https://use.typekit.net` `https://fonts.googleapis.com` `https://aifstgassets.azureedge.net` `https://p.typekit.net` `blob:https://cloud.uipath.com` `https://fonts.gstatic.com` `https://api.smartling.com` `https://app.launchdarkly.com` `https://js-agent.newrelic.com` `https://i2.wp.com/cdn.auth0.com` `https://bam.eu01.nr-data.net` `https://clientstream.launchdarkly.com` `https://events.launchdarkly.com`

AI Computer Vision

Endpoint Value	Server Location
`https://cv.uipath.com`	Nearest geolocation based on the request IP
`https://cv-eu.uipath.com`	West Europe
`https://cv-us.uipath.com`	US
`https://cv-delayed.uipath.com`	Delayed enterprise ring deployment, located in the United States

Apps

Scenario	Domains to Allow
Navigate to Apps	`https://cloud.uipath.com` `https://fonts.googleapis.com` `https://cdnjs.cloudflare.com` `https://uipath-apps-prd.azureedge.net` `https://fonts.gstatic.com` `https://dc.services.visualstudio.com`
Create apps, or create apps via import, or add or delete process	`https://cloud.uipath.com` `https://uipath-apps-prd.azureedge.net`
Export, clone, share, delete, edit, or publish an app	`https://cloud.uipath.com`
Run or preview an app	`https://cloud.uipath.com` `https://fonts.googleapis.com` `https://cdnjs.cloudflare.com` `https://uipath-apps-prd.azureedge.net` `https://fonts.gstatic.com` `https://dc.services.visualstudio.com`
Click on Processes or Create rule	`https://uipath-apps-prd.azureedge.net`
Bind process	`https://uipath-apps-prd.azureedge.net` `https://cloud.uipath.com` `https://dc.services.visualstudio.com`
General or Permission	`https://api.smartling.com`
Create or delete a page, or create or delete History	`https://cloud.uipath.com` `https://api.smartling.com`
Connect to Apps	`.trafficmanager.net` `wss://.uipath.systems` `wss://cloud.uipath.com`

Automation Hub

Scenario Domains to Allow

Navigate to the Automation Hub page

Scenario	Domains to Allow
Navigate to the Automation Hub page	`https://cloud.uipath.com` http://*.userpilot.io https://dc.services.visualstudio.com https://ah-prod-ts-blue-eu.uipath.com https://ah-prod-ts-green-eu.uipath.com https://ah-prod-ts-blue-us.uipath.com https://ah-prod-ts-green-us.uipath.com https://ah-prod-ts-blue-ja.uipath.com https://ah-prod-ts-green-ja.uipath.com https://ah-prod-ts-blue-au.uipath.com https://ah-prod-ts-green-au.uipath.com https://ah-prod-ts-blue-ca.uipath.com https://ah-prod-ts-green-ca.uipath.com https://ah-prod-ts-blue-sea.uipath.com https://ah-prod-ts-blue-sea.uipath.com https://ah-prod-ts-blue-uk.uipath.com https://ah-prod-ts-green-uk.uipath.com https://ah-prod-ts-blue-queu.uipath.com https://ah-prod-ts-green-queu.uipath.com https://ah-gxp-ts-blue-us.uipath.com https://ah-gxp-ts-green-us.uipath.com
Use OpenAPI for Automation Hub	https://automation-hub.uipath.com http://ah-gxp-openapi-us.uipath.com

https://cloud.uipath.com
http://*.userpilot.io
https://dc.services.visualstudio.com
https://ah-prod-ts-blue-eu.uipath.com
https://ah-prod-ts-green-eu.uipath.com
https://ah-prod-ts-blue-us.uipath.com
https://ah-prod-ts-green-us.uipath.com
https://ah-prod-ts-blue-ja.uipath.com
https://ah-prod-ts-green-ja.uipath.com
https://ah-prod-ts-blue-au.uipath.com
https://ah-prod-ts-green-au.uipath.com
https://ah-prod-ts-blue-ca.uipath.com
https://ah-prod-ts-green-ca.uipath.com
https://ah-prod-ts-blue-sea.uipath.com
https://ah-prod-ts-blue-sea.uipath.com
https://ah-prod-ts-blue-uk.uipath.com
https://ah-prod-ts-green-uk.uipath.com
https://ah-prod-ts-blue-queu.uipath.com
https://ah-prod-ts-green-queu.uipath.com
https://ah-gxp-ts-blue-us.uipath.com
https://ah-gxp-ts-green-us.uipath.com

Use OpenAPI for Automation Hub

https://automation-hub.uipath.com
http://ah-gxp-openapi-us.uipath.com

Automation Ops

Scenario	Domains to Allow
Navigate to the Automation Ops page	`https://stdadmstgcdn.azureedge.net` `https://app.vssps.visualstudio.com` `https://stdadmstgcdn.blob.core.windows.net` `https://nexus.ensighten.com` `https://cloud.uipath.com` `https://platform-cdn.uipath.com` `https://use.typekit.net` `https://p.typekit.net` `https://content.usage.uipath.com` `https://app.launchdarkly.com` `https://dc.services.visualstudio.com` `https://data.usage.uipath.com` `*-signalr.service.signalr.net` `https://s.gravatar.com` `https://i2.wp.com` `https://events.launchdarkly.com` `https://github.com` `https://github.githubassets.com` `https://avatars.githubusercontent.com` `https://collector.github.com` `https://api.github.com`

Scenario

Domains to Allow

Navigate to the Automation Ops page

https://stdadmstgcdn.azureedge.net
https://app.vssps.visualstudio.com
https://stdadmstgcdn.blob.core.windows.net
https://nexus.ensighten.com
https://cloud.uipath.com
https://platform-cdn.uipath.com
https://use.typekit.net
https://p.typekit.net
https://content.usage.uipath.com
https://app.launchdarkly.com
https://dc.services.visualstudio.com
https://data.usage.uipath.com
*-signalr.service.signalr.net
https://s.gravatar.com
https://i2.wp.com
https://events.launchdarkly.com
https://github.com
https://github.githubassets.com
https://avatars.githubusercontent.com
https://collector.github.com
https://api.github.com

Communications Mining

Scenario	Domains to Allow
Admin Portal / Identity Server	`https://cloud.uipath.com`
Static assets	`https://fonts.googleapis.com` `https://fonts.gstatic.com`
Azure SignalR	`*.service.signalr.net`
Telemetry	`https://*.in.applicationinsights.azure.com` `https://dc.services.visualstudio.com`
LaunchDarkly Feature Flags	`https://*.launchdarkly.com`
Pendo (clickable in-app guides)	`https://*.pendo.io`
Performance monitoring	`https://o486811.ingest.sentry.io`

Data Service

Scenario	Domains to Allow
All Data Service operations	`*.uipath.com`
Fetching static frontend content	`*.cloudapp.azure.com`
Sending notifications to notification hub	`*.service.signalr.net`
Getting Feature Flag information	`*.launchdarkly.com`
Collection of telemetry	`*.visualstudio.com`

Document Understanding

Module or Scenario	Domains to Allow
Navigate to Document Understanding	`https://*.uipath.com`
Azure	`https://*.azure.com`
Network	`https://.azureedge.net` `https://.azurefd.net` `https://*.cloudfront.net`
Feature flags	`https://*.launchdarkly.com`
Telemetry	`https://*.visualstudio.com`
Azure SignalR	`https://*.service.signalr.net`
Storage	`https://.trafficmanager.net` `https://.blob.core.windows.net`
Pendo	`https://*.pendo.io`

Insights

Scenario	Domains to Allow
Navigate to the Insights page	`https://cloud.uipath.com` `https://.lookercdn.com` `https://uipath-insights-statics.azureedge.net/` `https://.looker.uipath.com/`

Integration Service

Add the following IP addresses to your allow list to use Integration Service and create connections.

Region	IPs	Environment
Europe	34.247.224.172 108.128.2.184 54.78.70.51	Production
US	3.225.236.232 18.209.239.173 3.211.174.83	Production
Japan	18.180.58.90 35.72.149.94 35.75.176.28	Production
Australia	13.210.116.107 13.54.88.227 13.55.113.75	Production
Canada¹	20.200.104.214 20.220.98.56	Production
India¹	4.224.9.5 13.71.90.136	Production
Singapore¹	20.44.206.197	Production
United Kingdom¹	172.165.145.81 51.141.6.153	Production
All	3.67.182.72 18.156.115.90 52.57.115.254	Staging

¹ The IP addresses list for the Canada, India, Singapore, and United Kingdom regions is currently under revision. A permanent list will be provided by 2024.10. You can configure your systems with the temporary IP addresses, but you will need to update your allow list when the permanent addresses are provided.

Orchestrator

Domains to add to the allow list

Robots send traffic to these Automation Cloud^TM Orchestrator domains. We recommend that you allow them to ensure proper functioning of your automations.

Module or Functionality	Domains to Allow
UiPath Orchestrator	`https://cloud.uipath.com` `https://orch-cdn.uipath.com` `https://account.uipath.com`
Automation Cloud™ Robots - VM	`https://cloud.uipath.com` `https://download.uipath.com`
Storage	`.blob.core.windows.net` If using Amazon s3 buckets: `.s3.amazonaws.com`
Package and library feeds (library, tenant processes, and others)	`https://pkgs.dev.azure.com`
Azure SignalR	`*.service.signalr.net`
Studio and Robot auto-update functionality	`https://download.uipath.com`
Traffic Manager (internal)	`*.trafficmanager.net`

Outbound IPs to add to the allow list

We recommend allowing these IPs, which send traffic from Orchestrator towards your resources. For details, see Orchestrator outbound IP addresses.

Community users

Region	CIDR	IPs
Europe (European Union)	20.123.102.24/30 20.50.147.88/30	20.123.102.24 20.123.102.25 20.123.102.26 20.123.102.27 20.50.147.88 20.50.147.89 20.50.147.90 20.50.147.91

Enterprise users

Region	CIDR	IPs
Australia	20.92.156.92/30	20.92.156.92 20.92.156.93 20.92.156.94 20.92.156.95
Canada	20.116.141.44/30	20.116.141.44 20.116.141.45 20.116.141.46 20.116.141.47
United States	20.124.53.40/30 20.121.182.72/30 20.121.104.124/30	20.124.53.40 20.124.53.41 20.124.53.42 20.124.53.43 20.121.182.72 20.121.182.73 20.121.182.74 20.121.182.75 20.121.104.124 20.121.104.125 20.121.104.126 20.121.104.127
Japan	20.210.80.72/30	20.210.80.72 20.210.80.73 20.210.80.74 20.210.80.75
Europe (European Union)	20.223.90.156/30 20.223.16.0/30 4.207.205.236/30	20.223.90.156 20.223.90.157 20.223.90.158 20.223.90.159 20.223.16.0 20.223.16.1 20.223.16.2 20.223.16.3 4.207.205.236 4.207.205.237 4.207.205.238 4.207.205.239
Singapore	104.43.98.180/30	104.43.98.180 104.43.98.181 104.43.98.182 104.43.98.183
United Kingdom	20.90.174.164/30	20.90.174.164 20.90.174.165 20.90.174.166 20.90.174.167
India	4.224.102.80/30	4.224.102.80 4.224.102.81 4.224.102.82 4.224.102.83

Process Mining

Module or Scenario	Domains to Allow
Identity Server	`https://cloud.uipath.com`
Static assets	`https://fonts.googleapis.com` `https://fonts.gstatic.com` `https://content.usage.uipath.com` `https://s.gravatar.com` `https://i1.wp.com`
Azure SignalR	`*.service.signalr.net`
Telemetry	`https://*.in.applicationinsights.azure.com`
Upload files	`*.blob.core.windows.net`
LaunchDarkly Feature Flags	`https://app.launchdarkly.com` `https://clientstream.launchdarkly.com` `https://events.launchdarkly.com`

Solutions Management

Scenario	Domains to Allow
Navigate to the Solutions Management page	`https://cloud.uipath.com` `https://fonts.googleapis.com` `https://cdnjs.cloudflare.com/` `https://stdadmstgcdn.azureedge.net/` `https://fonts.gstatic.com` `https://dc.services.visualstudio.com` `api.smartling.com` `use.typekit.net` `p.typekit.net` `s.gravatar.com` `i2.wp.com` `https://platform-cdn.uipath.com` `https://sol-cdn.uipath.com` `https://solutions.uipath.com`
Storage	`*.<http://blob.core.windows.net\|blob.core.windows.net>`

Studio Web

Module or Functionality	Domains to Allow
Azure SignalR	`wss://.service.signalr.net` `https://.service.signalr.net` `wss://*.trafficmanager.net`
UiPath products	`https://*.uipath.com`
UiPath products (in-app feedback)	`https://studio-feedback.azure-api.net`
UiPath products (static assets)	`https://platform-cdn.uipath.com` `https://content.usage.uipath.com` `https://fonts.gstatic.com` `https://d2c7xlmseob604.cloudfront.net` `https://fonts.googleapis.com/` `https://.typekit.net` `https://fonts.gstatic.com` `https://s.gravatar.com` `https://secure.gravatar.com` `https://.wp.com` `https://*.googleusercontent.com` `https://i.ytimg.com`
UiPath products (telemetry)	`https://data.usage.uipath.com`
Third-party services (clickable guides)	`https://*.pendo.io`
Third-party services (feature flags provider)	`https://*.launchdarkly.com`
Third-party services (storage)	`https://.blob.core.windows.net` `https://.amazonaws.com`
Third-party services (telemetry)	`https://dc.services.visualstudio.com`
Third-party services (translations helper)	`https://api.smartling.com`

Task Mining

If your company uses proxies, the below URLs need to be added to the Firewall Exceptions so the Task Mining desktop components connect to our web servers.

Note: The Task Mining Desktop application uses web sockets for real-time communication with the server (telemetry and governance). For the URLs and IPs to be allowed, the transparent proxy is expected to have the HTTPS and WSS protocols enabled.

Component	URL	Port
Admin Portal	`https://cloud.uipath.com`	443
Web Portal	`https://app.launchdarkly.com` `https://events.launchdarkly.com` `*.blob.core.windows.net`	443
Pendo	`https://content.usage.uipath.com`	443
Azure App Insights	`dc.services.visualstudio.com` `dc.applicationinsights.azure.com` `dc.applicationinsights.microsoft.com` `dc.services.visualstudio.com` `*.in.applicationinsights.azure.com` `live.applicationinsights.azure.com` `rt.applicationinsights.microsoft.com` `rt.services.visualstudio.com` `{region}.livediagnostics.monitor.azure.com`	443
Azure Signalr	`service.signalr.net` `*.service.signalr.net`	443
Avatars	`i2.wp.com/cdn.auth0.com/avatars` `ns-alpha-ns-we-signalr.service.signalr.net`	443

Test Manager

Module or functionality	Domains to allow
UiPath Test Manager	`https://cloud.uipath.com`
Azure SignalR	`*.service.signalr.net`

Configuring the firewall