Note: This feature is available for “Enterprise” plans only.

By default, Tulip allows users and operators to use apps and build apps from any IP address.

However, you can limit access to Tulip and the Tulip Player to specific IP addresses and CIDR blocks using the “IP Allowlist” feature.

This can be accessed from the “Network Access” tab under “Account Settings”.=

Only users with the “Account Owner” role can view and edit the IP allowlist.

Once you “enable” the IP Allowlist, only the stated IP addresses and CIDR blocks will be able to access Tulip. It can always be disabled at a later time.

When a user attempts to access Tulip from an IP address outside the specified range, they will see an error screen that prevents them from continuing to use the product.

The Allowlist only supports IPv4 format.

Enabling the IP Allowlist

Before enabling the IP Allowlist, ensure you know all IP addresses and CIDR blocks that need to be entered within your factory (or multiple factories). As soon as it is enabled, you will block all IP addresses outside this list. This can potentially interrupt production if you block IP addresses for devices that are running apps.

This includes the following Tulip features:

  • Player
  • Gateway
  • Machines
  • Connector Hosts
  • SAML

To change the IP Allowlist, press the “Edit” button in the top right of the screen to configure the Allowlist. There are two key pieces of information at the top of the screen:

Allowlist: Choose whether the entire IP Allowlist is enabled or disabled.

Current IP Address: The current IP address of the computer. This will be automatically entered into the list of permitted IP addresses and cannot be removed. It can be edited to include an entire CIDR block.

You can then add an IP address/CIDR block, and then click “Add”.

When you are done, press “Save” in the top right to update the IP allowlist.

CIDR Blocks

The Allowlist supports CIDR blocks. You can input them in the IP Allowlist column.

Example: 8.8.8.7/2

Did this answer your question?