To ensure that app keys cannot be utilized by an unauthorized user outside a brand’s internal network, app keys will only be able to be used via the brand’s valid IP addresses.

When an account administrator creates or modifies an app key, they will be able to assign a list of single IPs or ranges of IPs to a whitelist. If an app key has an IP whitelisting configuration, only requests originating from these IPs will have access to LivePerson servers.

Currently, only the following APIs will be supported:

Additional API support will follow.

Due to service layer caching, there could be a slight delay (up to 5 minutes) from the moment an IP-Restriction is activated/updated until actual enforcement.

LivePerson strongly recommends enabling the API IP protection. If you have any questions, please contact LivePerson support.