IP Allowlisting

IP allowlisting restricts which computers or servers can communicate with your systems by specifying a list of approved IP addresses. Only traffic from addresses on the list is allowed through; everything else is blocked. This is a common security measure that ensures only known, trusted systems can exchange data with your agency.

Webhook IPs

eCourtDate sends webhook events from specific IP addresses:

Get the current outbound IPs from the Console when creating or editing a webhook
Add these IPs to your firewall or application-level allowlist
Combine IP allowlisting with HMAC-SHA256 signature verification for defense in depth: IP allowlisting filters traffic at the network layer while signature verification confirms payload authenticity at the application layer

See Webhook Security for the full webhook security model.

SFTP IPs

There are two SFTP scenarios depending on who hosts the server:

eCourtDate-Managed SFTP (eCourtDate Provides the Server)

Your agency connects to an SFTP server hosted by eCourtDate
Add the IP addresses of any machines or networks that will connect to the server as IP rules in the Console
Only connections from IPs listed in those rules will be accepted

Agency-Managed SFTP (You Provide the Server)

eCourtDate connects to your SFTP server from specific IP addresses
Retrieve eCourtDate's outbound IPs from the Console and add them to your server's allowlist
Only traffic from those IPs needs to be permitted

API Access

Some networks restrict outbound connections. Ensure your servers can reach *.api.ecourtdate.com on port 443 (HTTPS)
Configure the API client in the Console to include the IP address(es) your servers use to call the API. Requests from unlisted IPs will be rejected.
Check your outbound IP: curl https://checkip.amazonaws.com

CIDR Notation

When configuring firewalls, IP rules are often expressed in CIDR (Classless Inter-Domain Routing) notation. Here is a quick reference:

Notation	Meaning	Example
`/32`	Single IP address	`203.0.113.10/32` = only `203.0.113.10`
`/24`	256 addresses	`203.0.113.0/24` = `203.0.113.0` through `203.0.113.255`
`/16`	65,536 addresses	`203.0.0.0/16` = `203.0.0.0` through `203.0.255.255`

When eCourtDate provides specific IPs, use /32 (single IP) entries unless instructed otherwise.

Network Security Recommendations

Layer defenses: Combine IP allowlisting with authentication (API keys, SSH keys, HMAC signatures) rather than relying on either control alone
Review on IP changes: If eCourtDate notifies you of IP address changes, update your allowlists promptly to avoid service interruptions
Restrict outbound traffic: Where possible, limit your servers' outbound connections to only the endpoints required for your integration (eCourtDate API, SFTP, webhook delivery)
Log rejected connections: Configure your firewall to log connection attempts from unlisted IPs for security monitoring

info

For private connectivity options such as VPC peering or AWS PrivateLink, contact the eCourtDate team through the Help Center.

Webhook Security: Webhook IP allowlisting and HMAC verification
Webhook Verification: HMAC-SHA256 signature verification
SFTP Authentication: SFTP connection setup
API Authentication: API access and credentials
Access Control: Authentication and authorization overview

Webhook IPs​

SFTP IPs​

eCourtDate-Managed SFTP (eCourtDate Provides the Server)​

Agency-Managed SFTP (You Provide the Server)​

API Access​

CIDR Notation​

Network Security Recommendations​

Related Pages​