IP Addresses to Whitelist

If your environment restricts communications by allowing only known IP addresses, you need to whitelist the Coveo Cloud IP addresses. This is however optional to use Coveo Cloud.

Inbound Communication

Inbound communication with Coveo Cloud takes place when the Coveo cloud-based crawlers access your on-premises content to index it.

The following are typical cases in which you need to whitelist Coveo Cloud IP addresses:

In Salesforce, when you use trusted IP ranges to restrict access to your organization (see Set Trusted IP Ranges for Your Organization).
In Sitecore, when you use Coveo for Sitecore 4.0 prior to the October 2016 release (4.0.450) with Coveo Cloud.

Production environment IP addresses

The following IP addresses are used by Coveo Cloud.
- 54.84.109.253
- 54.84.122.250
- 54.84.126.201
- 54.84.126.206
- 54.89.203.159
- 34.228.114.92
(For Coveo HIPAA organizations only) The following IP addresses are used by the Coveo HIPAA Cloud platform.

If the IPs are not whitelisted, you will see error codes such as SALESFORCE_UNABLE_TO_AUTHENTICATE_IP_RESTRICTED for Salesforce sources.
- 34.197.57.255
- 34.198.140.110
- 34.200.73.232
- 52.55.181.180
- 52.207.117.192

Outbound Communication

(Optional) In some cases, you may also have to restrict the list of IP addresses with which your server can communicate with Coveo Cloud. If you use the Push API or the Coveo On-Premises Crawling Module, or if your server needs to perform queries, whitelist all IP address ranges that are associated with CloudFront edge servers and all ranges from region us-east-1 in the following list (see Push API and Coveo On-Premises Crawling Module): https://ip-ranges.amazonaws.com/ip-ranges.json.