Dashboard - Settings > Security
For added security if you want to limit IP addresses and limit users
A Safelist is “the cybersecurity list,” only giving administrator-approved programs, and IP and email addresses, system access. Whatever is not on the list is blocked.
Service Safelist Settings allow you to explicitly grant access to specific IP addresses and/or CIDR notations for logins, APIs, and dashboard access.
If you choose to do this the IP address or CIDR of each user in an account should be added to the Safelist in order to log in to Payment Rails Interface or make any requests via the Payment Rails APIs. The Safelist does not cover the Collector IP (Server IP) to connect to Payment Rails.
You can also share dashboards with users connecting from IP addresses or CIDRs in this Safelist. That way they can see the dashboard without logging in, but the dashboard remains private to your Safelist. The public cannot see it.
Safelist settings take effect after users have logged out of their Payment Rails accounts. If a user is logged in when you make the Safelist setting, they will stay logged in. Any IP or CIDR addresses must be associated with your company in order to add them to the Safelist. Wildcards are not supported, only use them to specify an IP or CIDR address range.
The IP is generally your host IP address. But if your request is coming through a proxy, an x-forwarded-for header is included in the HTTP requests to Payment Rails, which is used as the IP when evaluating the Safelist.
Security > Allowed Domain
Under "Allowed IP Addresses" please separate multiple IPs with commas.
If you have a company VPN you can add that to the list for added security and limit users/IPs.