We're custom integrating HubSpot with a niche omnichannel platform. Their practice is to limit access to their APIs with geo blocking.
They've asked us to provide them with either a range of IP addresses for the HubSpot API calls (which I told them is not possible as it's a dynamic range), and then they asked for a domain that is more specific than api.hubspot.com, so they can potentially allowlist it.
Is there such a domain? Specifically for API calls originating from the Ops Hub custom code actions.
Unfortunately, no, at least not as far as I'm aware. Based on some quick testing, the HubSpot IP address credited with making a request (e.g. via a HubSpot Workflow Webhook or a request made using a Custom Workflow Action) changes frequently and doesn't seem to conform to any easily defined range. Sorry that's probably not the answer you were hoping for.
Is there any scope for the system you're integrating with to forgo IP restrictions in favour of supporting other security measures (e.g. HubSpot Request Validation, API authentication)?
I hope this proves helpful. Please let me know if you have any follow-up questions.
All the best,
Zach
--
Zach Klein HubSpot Integrations & App Developer Meanjin / Brisbane, Australia
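The request validation mentioned in the answer above, sketched from the receiving platform's side as an added example (not part of the original thread and not HubSpot's own code). It follows HubSpot's v3 signature scheme (base64 HMAC-SHA256 over method + URI + body + timestamp, with a 5-minute freshness window) and leaves out the URI-decoding step of that scheme. The secret, URL and body in `SAMPLE` are constructed for illustration.

```javascript
const crypto = require('crypto');

const MAX_SKEW_MS = 5 * 60 * 1000; // accept timestamps within 5 minutes of "now"

// Constructed sample request: secret, URL and body are made up for illustration.
const SAMPLE = {
  secret: 'example-app-secret',
  method: 'POST',
  uri: 'https://omnichannel.example/hooks/hubspot',
  body: '{"contactId":101}',
};

// base64(HMAC-SHA256(secret, method + uri + body + timestamp))
function computeSignature(secret, method, uri, body, timestamp) {
  return crypto
    .createHmac('sha256', secret)
    .update(`${method}${uri}${body}${timestamp}`, 'utf8')
    .digest('base64');
}

// Verifies one inbound request. `headers` uses lower-cased names, as Node's
// http module delivers them. Returns { ok, reason } so rejections can be logged.
function verifyRequest({ secret, method, uri, body, headers, now = Date.now() }) {
  const signature = headers['x-hubspot-signature-v3'];
  const timestamp = headers['x-hubspot-request-timestamp'];
  if (!signature || !timestamp) return { ok: false, reason: 'missing-headers' };
  if (!/^\d+$/.test(timestamp)) return { ok: false, reason: 'bad-timestamp' };

  // Freshness check: limits how long a captured request can be replayed.
  if (Math.abs(now - Number(timestamp)) > MAX_SKEW_MS) {
    return { ok: false, reason: 'stale' };
  }

  // Constant-time comparison; timingSafeEqual requires equal-length buffers.
  const expected = Buffer.from(computeSignature(secret, method, uri, body, timestamp));
  const received = Buffer.from(signature);
  if (expected.length !== received.length || !crypto.timingSafeEqual(expected, received)) {
    return { ok: false, reason: 'bad-signature' };
  }
  return { ok: true, reason: 'valid' };
}
```

The signature must be computed over the raw request body exactly as received, before any JSON parsing. HubSpot adds these headers to requests it sends on behalf of an app; for an HTTP call made from inside a custom code action, this sketch assumes the action's own code computes the same two headers from a secret shared with the receiving platform.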
Thank you Zach, I suspected as much but wanted to make sure. 🙏 Re your question, the other system is already using authentication. They operate in a niche geo market (Israel) and serve primarily local companies, so until now this posed no issue for them. Already told them Geo IP blocking is an outdated way to add security, after all, VPNs exist...