Before You Start Using the API
This document provides important information about preparing to use the Corastone Integration API. It has the following sections:
Whitelisting Requirements
Client-Specific Connection Information
Whitelisting Requirements
To enable Corastone access, the following actions must occur as described below:
Client networking team must whitelist Corastone API URL.
Client networking team must whitelist Corastone IP addresses.
Client must provide IP address ranges to Corastone for systems and developer access.
Summary
The following table outlines the whitelisting tasks required for API use.
The following sections detail each task.
Whitelist Corastone API URL & Domain Outbound
You must allow outbound traffic by whitelisting one of the following:
OR
Whitelist Corastone IPs Inbound
To receive Corastone push REST notifications, you must:
Whitelist Client Source IPs
To enable us to accept API requests from the Client, you must:
Corastone will whitelist them internally and allow the connections.
Test API Access
When all whitelisting tasks have been performed, test access to the Corastone APIs:
where <org_id> is the org id listed in Client-Specific Connection Information.
See Client Specific Connection Information for values needed when executing this endpoint.
If this test is unsuccessful, please contact the Corastone Onboarding team for assistance.
Client-Specific Connection Information
You will need the following information from the Corastone Onboarding Team:
Integration API URL:
Org ID:
Client ID:
Client Secret:
Org Static IP 1:
Org Static IP 2:
Troubleshooting
403 Forbidden
Make sure the User-Agent header is set.
Work with your firewall team to determine if their configuration is compatible with the baseline AWS rules: Baseline Rule Groups for AWS.
Error: getaddrinfo ENOTFOUND integration-api.<org_id>.cdev.idevit.us
Make sure org_id is correct.
If this test is unsuccessful, please contact the Corastone Onboarding team for assistance.
Last updated
Was this helpful?