Creative Force is a cloud-based application and to use it, you as a customer, need to allow some outbounds and inbounds if you have a Firewall / Proxy.
The document below describes what is required.
Outbound
You as a customer should allow outbound to these domains (if you have a Firewall / Proxy):
Verified Creative Force domains
creativeforce.io
4q8cgc5u0e-log.creativeforce.io
api.creativeforce.io
app.creativeforce.io
download.creativeforce.io
help.creativeforce.io
search-api.creativeforce.io
socket.creativeforce.io
webhook.creativeforce.io
creativeforce.io
zip.creativeforce.io
accounts.creativeforce.io
annotation.creativeforce.io
scim.creativeforce.io
static.creativeforce.io
gateway.creativeforce.io
make-thumbnail-on-the-fly.creativeforce.io
sso.creativeforce.io
app-log.creativeforce.io
speedtest.creativeforce.io
us-east-1-zip.creativeforce.io
ap-southeast-1-zip.creativeforce.io
eu-central-1-make-thumbnail-on-the-fly.creativeforce.io
eu-central-1-zip.creativeforce.io
us-west-1-make-thumbnail-on-the-fly.creativeforce.io
us-west-1-zip.creativeforce.io
ap-southeast-2-make-thumbnail-on-the-fly.creativeforce.io
ap-southeast-2-zip.creativeforce.io
creativeforce.eu.looker.com
files.creativeforce.io
share-socket.creativeforce.io
share.creativeforce.io
connect.creativeforce.io
insights.creativeforce.io
Other Verified domains
checkip.amazonaws.com
kelvin-hue-download.s3.eu-central-1.amazonaws.com
lh-euc1-files1.s3.eu-central-1.amazonaws.com
lh-applications-release.s3.eu-central-1.amazonaws.com
lh-applications-release.s3.amazonaws.com
lh-uploader.log.s3.eu-central-1.amazonaws.com
lh-applications-speedtest.s3.eu-central-1.amazonaws.com
lh-euc1-resources.s3.eu-central-1.amazonaws.com
zozr94bce5.execute-api.eu-central-1.amazonaws.com
lh-euc1-files1.s3-accelerate.amazonaws.com
gqj5jp8pgc.execute-api.eu-central-1.amazonaws.com
ctp21cg5zb.execute-api.eu-central-1.amazonaws.com
t4ral5z1b2.execute-api.eu-central-1.amazonaws.com
gstatic.com
recaptcha.net
google.com
fonts.gstatic.com
browser.sentry-cdn.com
sentry.io
static-a.lookercdn.com
static-b.lookercdn.com
ping.looker.com
api-iam.intercom.io
widget.intercom.io
nexus-websocket-a.intercom.io
js.intercomcdn.com
static.intercomassets.com
downloads.intercomcdn.com
gifs.intercomcdn.com
intercom.com
intercom-sheets.com
lh-backend-service-production.s3-accelerate.amazonaws.com
lh-backend-service-production.s3.eu-central-1.amazonaws.com
p-uw1-cf-files-s3.s3-accelerate.amazonaws.com
p-uw1-cf-files-s3.s3.us-west-1.amazonaws.com
p-as2-cf-files-s3.s3-accelerate.amazonaws.com
p-as2-cf-files-s3.s3.ap-southeast-2.amazonaws.com
In order to test your system's compatibility with the above domains you can use the following test application:
System Requirements Checker
You can run the below test, to see your relative performance in connecting with our AWS S3 bucket. Reach out to your Customer Success Manager to gain credentials.
ZEBRA Network printer
If you are using the feature “ZEBRA Network printer”, you may have to allow outbound to the address of your printer. The Printer settings can be found at https://app.creativeforce.io/settings/studio/print/printers
Depending on your settings, you may need to allow outbound to the specific IP address of the URL.
If you are using our Triad application for printing, you have to allow outbound to this domain:
c0ce14d0182.triad.creativeforce.io
Notice: This domain will be pointed to the IP address 127.0.0.1, so please make sure your system will allow it.
The Triad app will need to reserve a port in the range from 3000 to 3005 to communicate with Gamma. And it will call the network printer by WS, WSS, HTTP, or HTTPS method (this depends on the protocol that the user setup in Gamma).
Inbound
If your Webhook, External Post, Data Source or Asset Delivery function is behind a firewall or proxy, you will then need to approve the following IP addresses:
52.59.62.218/32
3.68.251.224/30
3.101.209.184/30
3.27.50.100/30
18.143.136.252/30
44.210.98.196/30
If you need to schedule a report and deliver it to an SFTP destination, ensure that the following IP addresses (not Creative Force addresses) are not blocked:
52.31.69.117
34.243.112.76
52.49.220.103
You can ignore this Inbound requirement if you don’t need these settings. The detailed settings can be found in the below links within our web application.
The Client delivery settings can be found in section “Delivery Options” https://app.creativeforce.io/settings/studio/clients
The Vendor settings can be found at https://app.creativeforce.io/settings/studio/post-production/external
The Webhook settings can be found at https://app.creativeforce.io/settings/studio/webhooks
The Data Sources settings can be found in section “Data sources” https://app.creativeforce.io/settings/studio/datasources
Depending on your settings, you may need to open a port. For example, if you made a setting to deliver assets to a server via SFTP at port 22, then you will have to open port 22 on that server.
SSL Certificates
You should allow these SSL certificates:
Certificate for domain
You can view this certificate by going to https://app.creativeforce.io/
Certificate for Windows application
You can view this certificate by downloading our applications (HUE and Kelvin) from https://download.creativeforce.io/
Certificate for macOS application
You can download the certificate from this link:
