Environment URLs & IP Addresses

Prev Next

Intro U.S. U.S. Government Canada Australia Europe

Intro

You must provide the URL of a OneSpan Sign server.

If you are exploring the system or performing tests, you can connect to our Sandbox environment. Alternatively, if you have completed your integration with our system and want to launch your product, you can connect to our Production environment.

Sandbox Accounts are not equivalent to Production Accounts. To connect to the OneSpan Sign Production Environment, you must purchase a Production Account.

Your configuration settings depend on the URL into which you log. If you aren't sure which URL to use, in the email you received when you signed up, click Log into your account. In the Login screen that appears, your login URL will appear in your browser's address bar.

To ensure continuous service, you must whitelist certain IP addresses. To see which IP addresses need to be whitelisted, consult the tab for your environment.

Incoming IP Whitelists for OneSpan Sign

Please review this section to ensure your OneSpan Sign service continues to function normally.

In order to further optimize the security posture of OneSpan Sign, note the following:

  1. We use a Web Application Firewall (WAF) and additional protection against Denial-of-Service attacks. This protection is provided through Cloudflare and the inbound IP addresses used by OneSpan Sign are CloudFlareIP addresses.

  2. We use TLS cipher suites supported by OneSpan Sign. Transport Layer Security (TLS) is a protocol that protects the confidentiality and integrity of data exchanged between OneSpan Sign and customers. For more information, see TLS Support.

What do I need to do?

If you are not whitelisting IPs in your integration, there is no action required on your part.

If you are whitelisting our public IPs, please add the respective FQDN (fully qualified domain name) to your inbound whitelist to continue accessing our services:

Environment

FQDN

Canada Sandbox

sandbox.e-signlive.ca

US2 Sandbox

sandbox.esignlive.com

US1 Sandbox

sandbox.e-signlive.com

Europe Production

apps.esignlive.eu

Canada Production

apps.e-signlive.ca

US2 Production

apps.esignlive.com

US1 Production

apps.e-signlive.com

Australia Production

apps.esignlive.com.au

If your Security policy does not permit FQDN whitelisting, see Cloudflare's IP ranges. These IPs are subject to change at Cloudflare's discretion.

IP whitelisting for outgoing IP addresses is still required.

Below is the list of Incoming IP addresses (IPv4) applicable to all environments:

  • 173.245.48.0/20

  • 103.21.244.0/22

  • 103.22.200.0/22

  • 103.31.4.0/22

  • 141.101.64.0/18

  • 108.162.192.0/18

  • 190.93.240.0/20

  • 188.114.96.0/20

  • 197.234.240.0/22

  • 198.41.128.0/17

  • 162.158.0.0/15

  • 104.16.0.0/13

  • 104.24.0.0/14

  • 172.64.0.0/13

  • 131.0.72.0/22

URL Update for OneSpan Sign Sign API Calls

What do I need to do?

If you have not integrated OneSpan Sign via our API/SDKs and are not using mutual TLS protocols in your integration, there is no action required on your part.

If you HAVE integrated OneSpan Sign via our API/SDKs and are using mutual TLS protocols, in addition to the requirement of switching the IP addresses used by OneSpan Sign to IP addresses of Cloudflare as described above, please change your integration from using a port number, such as 8443 or 443, to using a path.

For example:

Old

New

https://apps.esignlive.com:8443/api

https://apps.esignlive.com/mtls/api

For more information on TLS protocols, see Supported TLS Versions.

We recommend that you work with your IT team immediately to upgrade your integration framework to the latest security library supporting the above-mentioned TLS versions and cipher suites. Once completed, please test your OneSpan Sign Sandbox environment to ensure that all TLS communications are working properly. This is an important step that ensures that your organization does not encounter service disruptions.

Your configuration settings depend on the URL into which you log. If you aren't sure which URL to use, in the email you received when you signed up, click Log into your account. In the Login screen that appears, your login URL will appear in your browser's address bar.

To ensure continuous service, you must whitelist certain IP addresses. To see which IP addresses need to be whitelisted, consult the tab for your environment:

U.S.

Before continuing, verify the domain that you are using for your OneSpan Sign instance. The following domains are available:

US 2 (esignlive.com)

US instances that use US 2 (esignlive.com) as their domain must whitelist the following IP addresses:

Environment

URL

Incoming IP Address

Outgoing IP Address

US 2 OneSpan Sign Production

apps.esignlive.com

173.245.48.0/20

103.21.244.0/22

103.22.200.0/22

103.31.4.0/22

141.101.64.0/18

108.162.192.0/18

190.93.240.0/20

188.114.96.0/20

197.234.240.0/22

198.41.128.0/17

162.158.0.0/15

104.16.0.0/13

104.24.0.0/14

172.64.0.0/13

131.0.72.0/22

44.216.255.195

100.26.26.250

3.223.111.128

54.69.133.65

44.228.113.220

44.231.115.219

US 2 Sandbox

sandbox.esignlive.com

173.245.48.0/20

103.21.244.0/22

103.22.200.0/22

103.31.4.0/22

141.101.64.0/18

108.162.192.0/18

190.93.240.0/20

188.114.96.0/20

197.234.240.0/22

198.41.128.0/17

162.158.0.0/15

104.16.0.0/13

104.24.0.0/14

172.64.0.0/13

131.0.72.0/22

44.216.255.195

100.26.26.250

3.223.111.128

54.69.133.65

44.228.113.220

44.231.115.219

US 1 (e-signlive.com)

US instances that use US 1 (e-signlive.com) must whitelist the following IP addresses:

Environment

URL

Incoming IP Address

Outgoing IP Address

US 1 OneSpan Sign Production

apps.e-signlive.com

173.245.48.0/20

103.21.244.0/22

103.22.200.0/22

103.31.4.0/22

141.101.64.0/18

108.162.192.0/18

190.93.240.0/20

188.114.96.0/20

197.234.240.0/22

198.41.128.0/17

162.158.0.0/15

104.16.0.0/13

104.24.0.0/14

172.64.0.0/13

131.0.72.0/22

44.216.255.195

100.26.26.250

3.223.111.128

54.69.133.65

44.228.113.220

44.231.115.219

US 1 Sandbox

sandbox.e-signlive.com

173.245.48.0/20

103.21.244.0/22

103.22.200.0/22

103.31.4.0/22

141.101.64.0/18

108.162.192.0/18

190.93.240.0/20

188.114.96.0/20

197.234.240.0/22

198.41.128.0/17

162.158.0.0/15

104.16.0.0/13

104.24.0.0/14

172.64.0.0/13

131.0.72.0/22

44.216.255.195

100.26.26.250

3.223.111.128

54.69.133.65

44.228.113.220

44.231.115.219

U.S. Government

US Government instances must whitelist the following IP addresses:

Environment

URL

Incoming IP Address

Outgoing IP Address

OneSpan Sign Sandbox for Government

signer-sandbox-gov.esignlive.com

23.97.15.51

20.141.141.113

OneSpan Sign Production for Government

signer-gov.esignlive.com

23.97.15.51

20.141.143.170

Canada

The list of outgoing IP addresses has changed. If you are whitelisting IPs, you should whitelist these new IP addresses as soon as possible. Refer to the following table to see which IP addresses have been added.

Canadian instances on esignlive.ca must whitelist the following IP addresseses:

Environment

URL

Incoming IP Address

Outgoing IP Address

PRDC Canada Production

apps.e-signlive.ca

173.245.48.0/20

103.21.244.0/22

103.22.200.0/22

103.31.4.0/22

141.101.64.0/18

108.162.192.0/18

190.93.240.0/20

188.114.96.0/20

197.234.240.0/22

198.41.128.0/17

162.158.0.0/15

104.16.0.0/13

104.24.0.0/14

172.64.0.0/13

131.0.72.0/22

15.156.140.123

52.60.201.130

15.157.54.13

NEW

40.177.56.178

40.177.51.91

40.177.114.137

SBXC Canada Sandbox

sandbox.e-signlive.ca

173.245.48.0/20

103.21.244.0/22

103.22.200.0/22

103.31.4.0/22

141.101.64.0/18

108.162.192.0/18

190.93.240.0/20

188.114.96.0/20

197.234.240.0/22

198.41.128.0/17

162.158.0.0/15

104.16.0.0/13

104.24.0.0/14

172.64.0.0/13

131.0.72.0/22

15.156.140.123

52.60.201.130

15.157.54.13

NEW

40.177.56.178

40.177.51.91

40.177.114.137

Australia

Australian instances on esignlive.com.au must whitelist the following IP addresses:

Environment

URL

Incoming IP Address

Outgoing IP Address

Australia Production

apps.esignlive.com.au

173.245.48.0/20

103.21.244.0/22

103.22.200.0/22

103.31.4.0/22

141.101.64.0/18

108.162.192.0/18

190.93.240.0/20

188.114.96.0/20

197.234.240.0/22

198.41.128.0/17

162.158.0.0/15

104.16.0.0/13

104.24.0.0/14

172.64.0.0/13

131.0.72.0/22

13.238.135.55

54.66.40.113

13.236.163.91

Europe

European instances on esignlive.eu must whitelist the following IP addresses:

Environment

URL

Incoming IP Address

Outgoing IP Address

Europe Production

apps.esignlive.eu

173.245.48.0/20

103.21.244.0/22

103.22.200.0/22

103.31.4.0/22

141.101.64.0/18

108.162.192.0/18

190.93.240.0/20

188.114.96.0/20

197.234.240.0/22

198.41.128.0/17

162.158.0.0/15

104.16.0.0/13

104.24.0.0/14

172.64.0.0/13

131.0.72.0/22

3.67.57.168

52.58.156.100

3.78.35.226

18.200.13.208

54.217.222.239

52.210.59.78