| title | description | services | author | ms.service | ms.topic | ms.date | ms.author |
|---|---|---|---|---|---|---|---|
Azure API Management policy reference - ip-filter | Microsoft Docs | Reference for the ip-filter policy available for use in Azure API Management. Provides policy usage, settings, and examples. | api-management | dlepow | azure-api-management | reference | 07/23/2024 | danlep |
[!INCLUDE api-management-availability-all-tiers]
The ip-filter policy filters (allows/denies) calls from specific IP addresses and/or address ranges.
[!INCLUDE api-management-policy-form-alert]
<ip-filteraction="allow | forbid"> <address>address</address> <address-rangefrom="address"to="address" /> </ip-filter>| Attribute | Description | Required | Default |
|---|---|---|---|
| action | Specifies whether calls should be allowed (allow) or not (forbid) for the specified IP addresses and ranges. Policy expressions are allowed. | Yes | N/A |
| Element | Description | Required |
|---|---|---|
| address | Add one or more of these elements to specify a single IP address on which to filter. Policy expressions are allowed. | At least one address or address-range element is required. |
| address-range | Add one or more of these elements to specify a range of IP addresses from "address" to "address" on which to filter. | At least one address or address-range element is required. |
- Policy sections: inbound
- Policy scopes: global, workspace, product, API, operation
- Gateways: classic, v2, consumption, self-hosted, workspace
If you configure this policy at more than one scope, IP filtering is applied in the order of policy evaluation in your policy definition.
In the following example, the policy only allows requests coming either from the single IP address or range of IP addresses specified.
<ip-filteraction="allow"> <address>13.66.201.169</address> <address-rangefrom="13.66.140.128"to="13.66.140.143" /> </ip-filter>[!INCLUDE api-management-policy-ref-next-steps]
