Setting up IP allowlist policy to restrict user access
By creating and altering a client IP allowlist, you restrict the access to Talend Cloud to only trusted IPs.
Once your allowlist is activated, only IPs on this allowlist are enabled to access Talend Cloud; any IPs not present on this list are blocked.
A client could be an API client, a Talend Management Console user or a hybrid client. Engines are not impacted by this IP allowlist policy.
If you are using a hybrid client, such as Talend Data Stewardship or Talend Data Preparation, to connect to Talend Cloud, add the public IP of your on-premises client to the IP allowlist.
- The user or the service account to be used must have the Users - Management permission. With this permission, you are exempted from the IP access control so that you are always empowered to activate or deactivate the IP allowlist policy.
-
Generate access tokens:
- For users, generate a personal access token by following Generating a Personal Access Token.
- For service accounts, generate a service access token by following Generating a service account token.
Once generated, a service account token expires after 30 minutes. If it expires, generate a new token using the POST method at the endpoint https://api.<env>.cloud.talend.com/security/oauth/token. For more information about generating a token, see Generating a service account token.
- The license level of your tenant must be Platform or Data Fabric.