Creative Force is a cloud-based application and to use it, you as a customer, need to allow some outbounds and inbounds if you have a Firewall / Proxy.
This document below describes what is required.
Outbound
You as a customer should allow outbound to these domains (if you have a Firewall / Proxy):
- creativeforce.io
- 4q8cgc5u0e-log.creativeforce.io
- api.creativeforce.io
- app.creativeforce.io
- docs.creativeforce.io
- download.creativeforce.io
- help.creativeforce.io
- images.creativeforce.io
- logs.creativeforce.io
- search-api.creativeforce.io
- socket.creativeforce.io
- webhook.creativeforce.io
- www.creativeforce.io
- zip.creativeforce.io
- accounts.creativeforce.io
- s3-r-w.eu-central-1.amazonaws.com
- checkip.amazonaws.com
- kelvin-hue-download.s3.eu-central-1.amazonaws.com
- lh-euc1-files1.s3.eu-central-1.amazonaws.com
- lh-applications-release.s3.eu-central-1.amazonaws.com
- lh-applications-release.s3.amazonaws.com
- lh-uploader.log.s3.eu-central-1.amazonaws.com
- lh-applications-speedtest.s3.eu-central-1.amazonaws.com
- lh-euc1-resources.s3.eu-central-1.amazonaws.com
- zozr94bce5.execute-api.eu-central-1.amazonaws.com
- gstatic.com
- www.google.com
- browser.sentry-cdn.com
- sentry.io
- creativeforce.eu.looker.com
- static-a.lookercdn.com
- static-b.lookercdn.com
- ping.looker.com
- api-iam.intercom.io
- widget.intercom.io
- nexus-websocket-a.intercom.io
- js.intercomcdn.com
- static.intercomassets.com
- downloads.intercomcdn.com
- gifs.intercomcdn.com
- intercom.com
- lh-euc1-files1.s3-accelerate.amazonaws.com
- gqj5jp8pgc.execute-api.eu-central-1.amazonaws.com
- ctp21cg5zb.execute-api.eu-central-1.amazonaws.com
- www.recaptcha.net
Additionally, we need outbound access to Amazon AWS services at IP ranges defined here: IPs for AWS services
Documentation: https://docs.aws.amazon.com/en_pv/general/latest/gr/aws-ip-ranges.html
Please be aware that the IPs from Amazon get updated regularly and a new JSON IP range list is populated. It’s highly unlikely that it will impact the Creative Force applications, but updates to the services can happen.
As an alternative, it can be considered to allow outbound access to:
ZEBRA Network printer
If you are using the feature “ZEBRA Network printer”, you may have to allow outbound to the address of your printer. The Printer settings can be found at https://app.creativeforce.io/settings/studio/print/printers
Depending on your settings, you may need to allow outbound to the specific IP address of the URL.
If you are using our Triad application for printing, you need to allow outbound traffic for this domain:
- c0ce14d0182.triad.creativeforce.io
Inbound
You as a customer should allow inbound from this IP address (if you have a Firewall / Proxy).
- 52.59.62.218
Notes:
This requirement is only for
- Client delivery functionality
- External vendor functionality.
- Webhook
You can ignore this requirement if you don’t need these settings.
- The Client delivery settings can be found at https://app.creativeforce.io/settings/studio/clients, section “Delivery Options”.
- The Vendor settings can be found at https://app.creativeforce.io/settings/studio/post-production
- The Webhook settings can be found at https://app.creativeforce.io/settings/studio/developer
- Depending on your settings, you may need to open a port. For example, if you made a setting to deliver assets to a server via SFTP at port 22, then you will have to open port 22 on that server.
- About the “Client data sources” settings: As we will never write to that data sources (we only read it) so you do not need to allow any inbound for this setting.
SSL Certificates
Customer should allow these SSL certificates:
Certificate for domain
Customer can view this certificate by going to https://app.creativeforce.io/
Certificate for Windows application
You can view this certificate by download our applications (HUE and Kelvin) from https://download.creativeforce.io/
Certificate for macOS application
You download the certificate from this link:
Creative Force macOS Certificate
