Skip to main content

Managing allowed IP addresses for a GitHub App

You can add an IP allow list to your GitHub App to prevent your app from being blocked by an organization's own allow list.

About IP address allow lists for GitHub Apps

Enterprise and organization owners can restrict access to assets by configuring an IP address allow list. This list specifies the IP addresses that are allowed to connect. For more information, see "Enforcing policies for security settings in your enterprise."

When an organization has an allow list, third-party applications that connect via a GitHub App will be denied access unless both of the following are true:

  • The creator of the GitHub App has configured an allow list for the application that specifies the IP addresses at which their application runs. See below for details of how to do this.
  • The organization owner has chosen to permit the addresses in the GitHub App's allow list to be added to their own allow list. For more information, see "Managing allowed IP addresses for your organization."

注意: GitHub App IP 允许列表中的地址仅影响 GitHub App 安装提出的请求。 将 GitHub App 的 IP 地址自动添加到组织的允许列表中不允许访问从该 IP 地址连接的 GitHub AE 用户。

Adding an IP address allow list to a GitHub App

  1. 导航到您的帐户设置。

    • 对于个人帐户拥有的 GitHub App,在任何页面的右上角,单击你的个人资料照片,然后单击“设置”。 用户栏中的 Settings 图标
    • 对于组织拥有的 GitHub App,在任何页面的右上角,单击你的个人资料照片,然后单击你的组织。 然后,在组织右侧,单击“设置”。 个人资料菜单中的你的组织 设置按钮
  2. In the left sidebar, click Developer settings. Developer settings

  3. 在左侧边栏中,单击“GitHub 应用”。 GitHub 应用部分

  4. 在要修改的 GitHub App 右边,单击“编辑”。 应用程序选择

  5. Scroll down to the "IP allow list" section. Basic information section for your GitHub App

  6. 在“IP 允许列表”部分的底部,输入 IP 地址或 CIDR 表示法中的地址范围。 用于添加 IP 地址的关键字段

  7. (可选)输入允许的 IP 地址或范围的说明。 用于添加 IP 地址名称的关键字段 The description is for your reference and is not used in the allow list of organizations where the GitHub App is installed. Instead, organization allow lists will include "Managed by the NAME GitHub App" as the description.

  8. 单击 “添加”。 “添加允许的 IP 地址”按钮