Skip to main content

Celonis Product Documentation

Allowlisting Celonis domain names, IP addresses and third party domains

Important

Celonis does not recommend using IP allowlisting since it requires additional maintenance and can result in an interruption to service when IPs are added or modified if the allowlist has not been updated. IPs are subject to change with a two weeks notice period.

Celonis instead recommends allowlisting fully qualified domain names (FQDNs) instead of IP addresses if your firewall allows such filtering rules, for example "teamname"."realm".celonis.cloud.

If you cannot use FQDN allow lists in your firewall, use an IP allowlist to provide access to the Celonis IP addresses listed below. Your system administrator might need to add all global and realm-specific Celonis IP addresses to your corporate allowlist.

See Third party domains below if you are restricting access to the specific domains that your user’s web browsers can access. Those domains should be added to your domain filter in addition to your Celonis Team domain name.

Celonis IPs as destination

If you need to allowlist Celonis Platform IP addresses instead of FQDNs for sending data towards Celonis Platform (such as when using Celonis Uplink Extractors on your premises or sending source system extracted data via Data Push API), add all of the IP addresses below in your firewall:

Note

If your firewall is not IPv6 enabled, you don't need to include the IP addresses below that contain colons (:).

162.159.140.65
172.66.0.65
2606:4700:7::41
2a06:98c1:58::41
172.65.64.56
172.65.64.57
2606:4700:78::4
2606:4700:78::5
Celonis IPs as origin

If you need to access your own services (such as web services or mail servers) on your own premises or on a SaaS provider tenant (such as Salesforce or Snowflake), you can specify IP addresses based on the realm on which your Celonis team resides:

Realm

Celonis Platform IPs as origin

eu-1

18.184.169.225

18.184.23.70

35.156.1.191

eu-2

13.73.158.49

eu-3

20.218.91.128

20.218.105.182

eu-4

18.193.182.112

18.193.93.30

18.196.83.72

eu-5

3.66.63.163

3.66.64.244

35.156.166.165

uk-1

No static IP

us-1

35.173.85.93

52.2.234.158

52.201.190.146

us-2

20.187.3.129

52.183.80.180

40.65.121.189

us-3

3.234.197.42

52.206.79.170

3.232.245.238

3.223.178.232

52.73.17.255

34.231.61.123

jp-1

52.243.46.143

au-1

No static IP

Third party domains

Celonis Platform takes advantage of a number of third party services. The domains for these third party services may need to be added to your allowlist by your IT admin.

Third party domain

Comment

Can be deactivated if required

static.celonis.cloud

This domain is used to serve static assets such as javascript files, images, logos, etc.

No

id.celonis.cloud

This domain is required when users access the Celonis Platform using Single Sign On via Celonis ID.

No

res.cloudinary.com

This domain is required for delivering image & video content as part of the AppCues integration.

Yes

fast.appcues.com

This domain is required for targeted notification banners to inform users about new features, maintenance windows, and other time sensitive information.

Yes

api.appcues.net

This domain is required for targeted notification banners to inform users about new features, maintenance windows, and other time sensitive information.

Yes

fonts.googleapis.com

This domain is required for delivering fonts as part of the AppCues integration.

Yes

fonts.gstatic.com

This domain is required for delivering fonts as part of the AppCues integration.

Yes

rum.browser-intake-datadoghq.com

This domain is required for monitoring application performance from a customer perspective.

No

api.userlane.com

This is a content delivery network used for Training and Academy Celonis Platform environments only.

Yes

cdn.userlane.com

This is a content delivery network used for Training and Academy Celonis Platform environments only.

Yes

imgcdn.userlane.com

This is a content delivery network used for Training and Academy Celonis Platform environments only.

Yes

auth.userlane.com

This is a content delivery network used for Training and Academy Celonis Platform environments only.

Yes