03-10-2023 03:21 PM
Hi All,
I am looking for the list of domains that the application uses (e.g., api.strava.com, etc...) or a list of IP addresses for the application.
I need it in order to detect the traffic originated from Mobile users to Strava and allow this traffic while stopping all the other.
Many thanks for your help.
Solved! Go to Solution.
03-21-2023 09:43 AM
Hi there,
We've escalated this request to our support team and your inquiry will be handled accordingly.
02-27-2024 01:13 AM
08-23-2023 10:29 AM
Hello,
A safelist of IP addresses and/or IP address blocks is necessary. Otherwise it would be possible for anyone who knows my routes to call. Garmin provides this to its developers.
Here's what I've seen on my webhooks today:
My strategy without further support will be to allow only these that I see as a result of my interactions during development.
Please also remove blocking the sharing of IP addresses. Good grief.
Thanks,
Doug
08-23-2023 11:13 AM
Offering additional threat assessment and mitigations in the absence of an IP safelist:
When considering all of the exposed Strava endpoints on my webserver, I don't see any serious threats (other than DOS attacks) except the webhook callback, which needs some special attention:
Hope that helps,
Doug
04-12-2023 03:27 AM
Hi @Elliott
When we can expect the solution or any answer?
04-03-2023 10:38 AM
@Elliott Is there any response on that question? I also need to restrict the traffic to my server, and allow only connections from strava. Thanks.
03-21-2023 09:43 AM
Hi there,
We've escalated this request to our support team and your inquiry will be handled accordingly.
07-08-2024 03:49 AM
Hi,
I am having the same issue, can I get this IP Whitelist list also?
Regards
Andrzej
Welcome to the Community - here is your guide to help you get started!