Configuring Blocklists/Allowlists for APIs

  • Last update: April 20, 2026

    • Overview

    Version

    FineDataLink Version
    		Functional Change
    4.0.28

    /

    4.2.8.1

    Allowed configuring blocklists/allowlists for apps.

    4.2.16.2

    Changed the effective app path in custom rules to the complete API paths, for example, http://localhost:8068/webroot/service/884226ec-1869-40f1-9413-26bb72875ff8/API name.

    Application Scenario

    To ensure secure API calls by external systems, you need to configure the blocklist or allowlist after publishing the API.

    Function Description

    Data Service supports the configuration of both global-level and application-level blocklists/allowlists. The blocking logic is shown in the following figure.

    image 1.png

    Specific SettingDescriptionRemark
    Global-Level Blocklist/Allowlist Configuration

    The global blocklist/allowlist rule ensures overall service security and stability, effective for all APIs.

    When configuring both global-level and application-level blocklists/allowlists, access to the current API requires permission at all levels.

    Application-Level Blocklist/Allowlist Configuration

    You can configure blocklists/allowlists for applications, allocating accessible resources to different visitors.

    Prerequisite

    1. To view the rules, you must have acquired access to the Data Service module. For details, see Data Platform Use Permission.

    2. Only super admins can configure global-level and application-level blocklists/allowlists. Other users can only view them.

    Configuring the Blocklist/Allowlist

    Choose Data Service > Rule Management to enter the blocklist/allowlist configuration page, as shown in the following figure.

     image 2.png

    Setting Global Rules

    1. Click the icon, and then click Edit to edit global rules, as shown in the following figure.

     image 3.png

    2. Set blocklist/allowlist for all applications, as shown in the following figure.

    image 4.png

    3. Enable this rule, as shown in the following figure.

    image 5.png

    The relevant configuration descriptions are as follows:

    iconNote:
    1. Only one global rule with a fixed location is available for editing. It is visible to all users and cannot be deleted. Super admin can disable the rule, while other users can only view it and cannot edit it.                2. You are advised to use APPCode together with blocklists/allowlists to enhance API security.
    Setting Item
    		Description
    Blocklist/Allowlist

    Blocklist: IP addresses in the blocklist cannot access the API.

    Allowlist: Only IP addresses in the allowlist can access the API. All IP addresses not in the allowlist are denied access.

    IP

    You can specify IP ranges and IP addresses.

    1. IP range example: 192.168.2.0/24
    This specifies the address range 192.168.2.1 through 192.168.2.254 (inclusive), excluding the network address (192.168.2.0) and the broadcast address (192.168.2.255).

    2. IP address example: 192.168.0.1

    Remark

    You can add remarks for the IP address.

    Quick Add

    This setting is available from FineDataLink V4.2.8.1, enabling quick IP address adding, as shown in the following figure.

     image 6.png

    Adding Rules for an Application

    1. Click Add Custom Rule to add rules for an application, as shown in the following figure.

    2. Configure the blocklist or allowlist.

    image 8.png

    3. The page after configuration is shown in the following figure.

    image 9.png

    The relevant configuration descriptions are as follows:

    iconNote:
    1. Non-super-admin users can only view the rules and cannot edit them.                                              2. You are advised to use APPCode together with blocklists/allowlists to enhance API security.
    Setting Item
    		Description
    Blocklist, Allowlist, IP, Remark, Quick Add

    For details, see the "Setting Global Rules" section of this document.

    Target Object

    • Configuration object: applications within your permission scope.

    • Target object: all APIs bound to the selected application

    4. On the App List tab page, you can view the blocklist/allowlist rules for a specific application, as shown in the following figure.image 10.png

    附件列表


    主题: Data Service
    Previous:Binding an API to an Application
    Next:API Task Import and Export
    • Helpful
    • Not helpful
    • Only read
    中文(简体)
    English

    滑鼠選中內容,快速回饋問題

    滑鼠選中存在疑惑的內容,即可快速回饋問題,我們將會跟進處理。

    不再提示

    10s後關閉

    Get
    Help
    Online Support
    Professional technical support is provided to quickly help you solve problems.
    Online support is available from 9:00-12:00 and 13:30-17:30 on weekdays.
    Page Feedback
    You can provide suggestions and feedback for the current web page.
    Pre-Sales Consultation
    How to Get Quotes:
    FineReport FineBI
    Demonstration Booking:
    FineReport FineBI
    Business Consultation
    Business: international@fanruan.com
    Support: support@fanruan.com
    Page Feedback
    *Problem Type
    Cannot be empty
    Problem Description
    0/1000
    Cannot be empty

    Submitted successfully

    Network busy