X

Antony Reynolds' Blog

Integration Cloud Who Are We - Using Headers to Identify IP Addresses

Antony Reynolds
Senior Director Integration Strategy

Identifying Integration Cloud IP Addresses

In this blog post I will show how to identify IP addresses associated with Integration Cloud.

The Challenge

When whitelisting services we need to know their IP address.  This is easy if we need to identify the inbound address to Integration Cloud, we can just resolve the Integration Cloud hostname to get the IP address of the Integration Cloud load balancer to be whitelisted for inbound traffic to integration Cloud.  This is useful if we need to whitelsit outbound calls through a firewall to Integration Cloud.  However for outbound traffic from Integration Cloud we need to do a little more.  This is needed when the target of integration Cloud invokes need to whitelist their caller.

The Solution Part #1 Using an External Service to Look Up Source IP

We will create an integration that calls a service that returns the calling IP address.  For outbound traffic from Integration Cloud this will be different from the inbound address.  There is a service call Ipify that returns the calling IP address.  This has a REST API that can be invoked to obtain the IP address.

To create it we create a new integration called Get Outbound IP.

The integration provides a simple REST interface to retrieve the outbound IP address.

REST Interface: Resource /outboundip : Method GET

Response Media Type: application/json

Response sample: {"ip":"129.157.69.37"}

We call the Ipify REST API as an invoke so that we can get the outbound IP address of Integration Cloud.

The IPIFY Connection has the following properties:

Connection Type: REST API Base URL

Connection URL: https://api.ipify.org

Security Policy: No Security Policy

The invoke has the following properties:

REST Service URL: /

Method: GET

Query Params: format

JSON Response Sample: {"ip":"129.157.69.37"}

The overall flow looks as below:

Calling this integration returns the IP address used by Integration Cloud for Outbound Calls.  This can then be used to whitelist calls to an FTP server for example.

The Solution Part #2 Implementing the Equivalent of Ipify

In Part #1 we used an external service to get the IP address of the caller of the service.  In this section we will implement an equivalent service in Integration Cloud.

In order to obtain the IP address of the client of Integration Cloud we need to access the headers set by the load balancer.  The Load Balancer as a Service used by Integration Cloud defines a special header X-Real-IP to provide target systems with the actual IP address of the calling system.

When defining the REST endpoint of our integration we need to define a customer inbound header.  This is done on the trigger.

Note we declare the use of customer headers.

We provide the basic endpoint information.

Then we are prompted to provide the name of custom header fields - X-Real-IP.

This is all that is needed to obtain the IP address of the caller of the integration.  The whole flow does not require anything other than mapping the header field back onto the response JSON as shown in the flow below.

Summary

This post has shown how using custom headers we can determine the IP address of the caller of an integration, providing the same functionality as the Ipify service.

The IP address of the caller may be useful for logging or other purposes, so being able to access it via the custom headers is a valuable tool in our arsenal.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha