I have a SmartApp hosted by a cloud provider and need to configure firewalls rules such that the inbound ports used for ST webhook calls are not open to the entire internet. Can you please provide the address blocks used by ST to generate webhook requests to enable configuration of restrictive firewall rules which allow only requests from ST
Thanks
Not sure if there are IP block addresses available, but you should only need TCP port 443 for HTTPS traffic open.
Bump. This info must be available ST developers. It is becoming a substantive security issue for our project. Please respond via email to my provided address if you do not want to post information on this thread.
Maybe to late, but I have had the same problem and tried to log all requests into my Smarthings Home Assistant Instance for a couple of days. I found these. Still have some logs ongoing so I can update if there are more IP:s to unlock.
34.249.143.135
52.19.91.220
63.33.16.12
Those are IPs belonging to Amazon AWS cloud, expect them to change over time and be different depending on the region too.