Network Security
IP Allowlisting
Restrict API access to specific IP addresses or CIDR ranges. Add an extra layer of security by controlling which networks can reach your API keys.
Enterprise security
IPv4 & IPv6 support
CIDR notation
Manage IP Allowlist
203.0.113.0/24
Office network
Added 2024-01-15
198.51.100.50/32
VPN exit node
Added 2024-02-01
192.0.2.0/28
CI/CD servers
Added 2024-02-15
CIDR Notation Reference
| CIDR | Description |
|---|---|
| 203.0.113.50/32 | Single IP address |
| 203.0.113.0/24 | 256 addresses (203.0.113.0 - 203.0.113.255) |
| 203.0.0.0/16 | 65,536 addresses |
| 10.0.0.0/8 | Private network (Class A) |
| 2001:db8::/32 | IPv6 range |
API Reference
Add IP Rule
# Add an IP to the allowlist
curl -X POST https://api.justkalm.com/v2/security/ip-allowlist \
-H "Authorization: Bearer jk_live_xxx" \
-H "Content-Type: application/json" \
-d '{
"cidr": "203.0.113.0/24",
"description": "Office network"
}'
# Response
{
"id": "ip_abc123",
"cidr": "203.0.113.0/24",
"description": "Office network",
"status": "active",
"created_at": "2024-01-15T10:30:00Z"
}List All Rules
# List all allowlisted IPs
curl https://api.justkalm.com/v2/security/ip-allowlist \
-H "Authorization: Bearer jk_live_xxx"
# Response
{
"data": [
{
"id": "ip_abc123",
"cidr": "203.0.113.0/24",
"description": "Office network",
"status": "active"
},
{
"id": "ip_xyz789",
"cidr": "192.0.2.0/28",
"description": "CI/CD servers",
"status": "active"
}
],
"enforcement_mode": "enabled"
}SDK Usage
import { JustKalm } from '@justkalm/sdk';
const client = new JustKalm({ apiKey: process.env.JUSTKALM_API_KEY });
// Add IP to allowlist
const rule = await client.security.ipAllowlist.create({
cidr: '203.0.113.0/24',
description: 'Office network',
});
// List all rules
const rules = await client.security.ipAllowlist.list();
// Delete a rule
await client.security.ipAllowlist.delete('ip_abc123');
// Enable/disable enforcement
await client.security.ipAllowlist.setEnforcement(true);Security Features
Organization-Wide Rules
Apply IP restrictions across all API keys in your organization. Perfect for enterprise compliance.
Per-Key Restrictions
Optionally set IP restrictions per API key. Fine-grained control for multi-environment setups.
Blocked Request Alerts
Get notified when requests are blocked by IP restrictions. Monitor for unauthorized access attempts.
Graceful Rollout
Enable "audit mode" to log blocked requests without rejecting them. Safely test rules before enforcement.
Enterprise-Grade Security
IP allowlisting is available on Pro and Enterprise plans.