Secure your API Key (Premium)

Secure your API Key by whitelisting your domains and server IPs. This feature is only available to paid users.

When using the ipdata API from your website in Javascript, you may worry that anyone would be able to see your API key and steal your quota; creating a whitelist allows you to restrict the hosts from where your API key can be used.


Once you create a whitelist your API key will not work from anywhere else other than the hosts you have specified

Here are some tips to get started with whitelists:

  • You can whitelist multiple domains, sub-domains or IP addresses.
  • Separate the entries with commas or by putting each host on a new line.
  • You can include or exclude the "https://" or "http://" url part.
  • You can include "localhost" with or without a port to allow API access in your dev environment
  • To delete a single host from the whitelist pre-pend a "-" in front of it then click on "Update". You can delete multiple entries in this way.
  • To explicitly remove all hosts from the whitelist, use the "Clear whitelist" button.
  • Note that changes are cumulative. Eg. if you select all the hosts in the entry form and delete them, then type in a new host and click update all the old hosts will still be there plus the new one.
  • To edit a host, delete the old value by pre-pending with "-" and add the new value