Whitelisting Requirements

Depending on the configuration of your network and the requirements of the applications being integrated, you may need to whitelist some IP addresses for successful communications. The sections below outline possible communication scenarios and provide the list of IP addresses that need to be whitelisted or URLs that need to be accessible for each case.

Note: TIBCO may update these IP addresses or URLs. Updates are made after posting a Release Notice and updating the TIBCO Cloud ™ Services Status page. Best practice is to sign up for notifications from the TIBCO Cloud ™ Services Status page.

Cloud Agent

Cloud Agents are hosted on the TIBCO Scribe® platform. If these Agents are communicating with an application or system that is behind a firewall, you may need to whitelist the source IP addresses of our Cloud Agents.

The data center your Organization is associated with determines which set of IP addresses needs to be whitelisted. To see the data center associated with your Organization select More > Edit Organization from the menu.

Data Center

IP Addresses

AWS Europe

  35.157.107.151

  52.59.173.145

AWS US

  52.6.65.166

  52.21.2.156

Azure US *

  52.137.93.65

  40.91.89.158

*Note: The US Azure Data Center is available only when working in TIBCO Scribe® Online as a capability of TIBCO Cloud ™ Integration. In TIBCO Cloud ™ Integration, Data Centers are referred to as Regions.

On-Premise Agent

On-Premise Agents are installed on a local server and handle all communication between TIBCO Scribe® Online and the source and target applications being integrated.

Platform

To retrieve instructions and update TIBCO Scribe® Online with its current status, the Agent needs access to one or more of the following TIBCO Scribe® platform endpoints.

Note: For On Premise Agents, if you are using a data center other than the US data center, you must allow access to both your own data center and the US data center.

Data Center

Endpoints

Static IP Addresses

AWS Europe

https://agent-frankfurt.scribesoft.com

  3.94.183.228

  3.210.164.229

  3.210.220.205

  3.219.0.211

  3.219.82.130

  3.222.1.182

  3.224.17.183

  18.204.188.169

  18.211.255.76

  34.192.161.112

  34.199.140.171

  34.230.155.160

  35.158.9.191

  35.174.159.215

  52.1.131.218

  52.2.155.242

  52.3.62.147

  52.7.200.1

  52.20.44.177

  52.23.130.182

  52.28.61.234

  52.29.220.8

  52.45.5.15

  52.58.102.181

  52.58.248.24

  52.70.64.150

  52.73.34.66

  52.73.83.188

  52.203.27.122

  52.205.243.69

  54.82.228.30

  54.86.177.217

  54.93.152.15

AWS US

https://agent.scribesoft.com

  18.205.138.48

  34.197.135.234

  34.197.203.69

  34.199.76.224

  34.233.74.136

  34.237.69.78

  34.238.209.108

  54.83.87.1

  54.84.110.228

  54.86.129.180

  54.88.106.171

AWS US Sandbox

https://sb-agent.scribesoft.com

  3.213.67.3

  3.229.207.198

  34.198.237.167

  34.224.153.250

  52.204.244.28

  54.146.195.161

Azure US *

https://us1-connect-agent-azure.scribesoft.com

  13.77.173.116

Note: The US Azure Data Center is available only when working in TIBCO Scribe® Online as a capability of TIBCO Cloud ™ Integration. In TIBCO Cloud ™ Integration Data Centers are referred to as Regions.

Ports

Agent communication is outbound from your environment to the TIBCO Scribe® platform over port 443.

To communicate with the TIBCO Scribe® platform on status and instructions in real-time the Agent needs to attach to the TIBCO Scribe® Online Service Bus over ports 443, 5671, 5672, 9350, 9351, 9352, 9353, 9354 and requires access to one of the following URLs:

Data Center

URLs

AWS US

Azure US

*.servicebus.windows.net

AWS Europe

*.servicebus.cloudapi.de

Refer to the following Knowledge Base article to validate that the TIBCO Scribe® Online Agent can connect to TIBCO Scribe® Online through the required ports: Check Ports In Agent Environment

Note: If your network policies prohibit you from opening these outbound ports, you can configure an On-Premise Agent to poll for updates and only use https://agent.scribesoft.com or https://agent-frankfurt.scribesoft.com. This option is not recommended and has performance implications. Contact TIBCO Support for assistance with this alternate configuration.

Firewall

If your business requires that you have the TIBCO Scribe® Online On-Premise Agent installation behind a Proxy Server or a Firewall, the Agent may not be able to communicate with TIBCO Scribe® Online or other Cloud applications. See Installing An On-Premise Agent With Proxy Servers Or Firewalls for detailed configuration instructions.

Applications Initiating Requests

Applications, such as Salesforce, that send requests to TIBCO Scribe® Online Event Solutions containing Request / Reply and Message Maps must be able to access the one of following URLs to automatically route the request to the appropriate Agent:

Data Center

Endpoints

AWS Europe

https://endpoint-frankfurt.scribesoft.com

AWS US

https://endpoint.scribesoft.com

Azure US*

https://us1-connect-endpoint-azure.scribesoft.com

Note: The US Azure Data Center is available only when working in TIBCO Scribe® Online as a capability of TIBCO Cloud ™ Integration. In TIBCO Cloud ™ Integration Data Centers are referred to as Regions.

See Adding Or Editing An Integration Event Solution and Setting Security Options.

Management API

Both TIBCO Scribe® Online end users who access the API swagger page and applications that leverage the TIBCO Scribe® Online API must be able to access the following endpoint: 

Data Center

Endpoint

AWS US

https://api.scribesoft.com

Azure US*

https://us1-connect-api-azure.scribesoft.com

Note: The US Azure Data Center is available only when working in TIBCO Scribe® Online as a capability of TIBCO Cloud ™ Integration. In TIBCO Cloud ™ Integration Data Centers are referred to as Regions.

SSL Certificates

TIBCO uses SSL certificates for secure communications between your browser and TIBCO Scribe® Online and between the Agent and TIBCO Scribe® Online. To validate these certificates, your browser and Agent need outbound access to port 80 and must be able to access the following URLs:

Related Topics

Requirements