Skip to main content

Setting up IP allowlist policy to restrict user access

By creating and altering a client IP allowlist, you restrict the access to Talend Cloud to only trusted IPs.

Once your allowlist is activated, only IPs on this allowlist are enabled to access Talend Cloud; any IPs not present on this list are blocked.

A client could be an API client, a Talend Management Console user or a hybrid client. Engines are not impacted by this IP allowlist policy.

If you are using a hybrid client, such as Talend Data Stewardship or Talend Data Preparation, to connect to Talend Cloud, add the public IP of your on-premises client to the IP allowlist.

Prerequisites:
  • The user or the service account to be used must have the Users - Management permission. With this permission, you are exempted from the IP access control so that you are always empowered to activate or deactivate the IP allowlist policy.
  • Generate access tokens:

    Once generated, a service account token expires after 30 minutes. If it expires, generate a new token using the POST method at the endpoint https://api.<env>.cloud.talend.com/security/oauth/token. For more information about generating a token, see Generating a service account token.

  • The license level of your tenant must be Platform or Data Fabric.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!