IP allowlisting (also called whitelisting) is a security practice that permits access to a service only from pre-approved IP addresses. All requests from non-listed IPs are rejected.
The proxy provider maintains a list of authorized client IPs. When you add your IP to the allowlist, the proxy server accepts connections from that address without requiring username/password authentication. This is an alternative to credential-based authentication. Most providers let you manage your allowlist through a dashboard or API, and changes take effect within seconds.
Match the strength of this control to what is actually at risk in the workflow.
USER-country-de-session-task01The credential string is the only configuration needed -- "country-de" sets the exit, "session-task01" keeps it consistent, and ip allowlisting is handled by the gateway rather than your application code.
Test the setup with a leak-test tool or packet capture to confirm this protection is actually working, not just configured.
Pair this with sane session handling and header hygiene -- no single control covers a full workflow on its own.
Apply the strongest version of this control to logins, payments, and personal data -- it is overkill for public information.
Do not let two workflows that need to stay separate for privacy or account reasons share the same session or IP.
A company adds their office IP (203.0.113.50) and cloud server IP (198.51.100.10) to the proxy provider allowlist so both can connect without sending credentials in each request.
IP allowlisting simplifies proxy authentication by removing the need for credentials in your code. It is more secure because even if someone obtains your proxy endpoint, they cannot use it from a non-listed IP.
If your ISP assigns dynamic IPs, you will need to update your allowlist when your IP changes. Some proxy providers offer API endpoints to update the allowlist programmatically, or you can use credential-based authentication instead.
Most providers support CIDR notation (e.g., 203.0.113.0/24) for allowlisting IP ranges. This is useful when your traffic comes from a block of cloud server IPs that share a common prefix.
Ready to put this into practice? Authentication Guide
Start a free trial and test with real targets -- no credit card, no sales call.