Accessing the API outside of your network will require the assistance of your IT staff or personnel familiar with configuring exceptions in firewalls, port forwarding on routers, and potentially DNS configuration.

The API by default is only accessible from your internal network. The API utilizes port 5321 by default for all communication, that communication utilizes an encrypted HTTPS channel for all traffic to/from the API. When you are within your own internal network the API is generally accessible to all servers and computers unless you have firewall settings restricting that access. The information below is meant as a general guide on what you settings you'll like need to change, however it does require a working knowledge of doing these configurations.

Improperly configuring these settings could lead to potential security vulnerabilities.

  • It is recommended that you have a static IP address from your internet provider.
  • If using a dynamic IP from your internet provider, you will need to install a dynamic DNS service that translates a static DNS to your rotating/dynamic IP. Otherwise the external IP address that you use for your calls to the API will fail when the IP address is changed by your internet provider.
  1. If using a software-based firewall on the server where the API is installed, you must add an exception for all Incoming/Outgoing TCP traffic on Port 5321.
  2. If using a hardware-based firewall you must add an exception for all Incoming/Outgoing TCP traffic on Port 5321.
  3. If using a firewall/router for NAT, you must configure all incoming TCP traffic on Port 5321 to be redirected to the server where the API is installed.

Contributor: Brandon R., Cyrious

Date: 8/9/2013

Version: Control 5.1

You could leave a comment if you were logged in.