# Domain Whitelist

In some cases, outbound connections from your app to the JourneyApps platform can get blocked by systems such as Firewalls or Web Proxies. These are usually configured by an organization’s IT infrastructure team for internal company networks. Because of this, we would recommend that you work with your IT teams to whitelist the core JourneyApps domains.

Below is the complete list of all JourneyApps domains that need to be whitelisted.

For general compatibility, we recommend whitelisting **\*.journeyapps.com**. More specific necessary domains are listed below:

<table><thead><tr><th width="371">Domain</th><th>Notes</th></tr></thead><tbody><tr><td><strong>https://run-</strong><em><strong>us</strong></em><strong>.journeyapps.com/*</strong></td><td><ul><li>Replace <em>us</em> with <em>eu</em> if your app is hosted in the EU region</li><li>Replace <em>us</em> with <em>au</em> if your app is hosted in the AU region</li></ul></td></tr><tr><td><strong>https://run-staging-</strong><em><strong>us</strong></em><strong>.journeyapps.com/*</strong></td><td><ul><li>Replace <em>us</em> with <em>eu</em> if your app is hosted in the EU region</li><li>Replace <em>us</em> with <em>au</em> if your app is hosted in the AU region</li></ul></td></tr><tr><td><strong>https://run-testing-</strong><em><strong>us</strong></em><strong>.journeyapps.com/*</strong></td><td><ul><li>Replace <em>us</em> with <em>eu</em> if your app is hosted in the EU region</li><li>Replace <em>us</em> with <em>au</em> if your app is hosted in the AU region</li></ul></td></tr><tr><td><strong>https://</strong><em><strong>app-deployment-id</strong></em><strong>.backend.</strong><em><strong>us</strong></em><strong>.journeyapps.com/*</strong></td><td><ul><li><p>The <em>app-deployment-id</em> can be found in a deployment's <a href="../../backend-api/introduction#enabling-the-api"><em>Manage API</em></a> page.</p><ul><li>Or, use a wildcard: <strong>*.backend.us.journeyapps.com/*</strong></li></ul></li><li>Replace <em>us</em> with <em>eu</em> if your app is hosted in the EU region</li><li>Replace <em>us</em> with <em>au</em> if your app is hosted in the AU region</li></ul></td></tr><tr><td><strong>https://accounts.journeyapps.com/*</strong></td><td></td></tr><tr><td><strong>https://app-config.journeyapps.com/*</strong></td><td></td></tr><tr><td><strong>https://diagnostics.journeyapps.com/*</strong></td><td>Partially deprecated</td></tr><tr><td><strong>https://flight-recorder.journeyapps.com</strong></td><td></td></tr><tr><td><strong>https://update.journeyapps.com</strong></td><td></td></tr><tr><td><strong>https://</strong><em><strong>us</strong></em><strong>-cc-scheduler.journeyapps.com</strong></td><td><p></p><ul><li>Replace <em>us</em> with <em>eu</em> if your app is hosted in the EU region</li><li>Replace <em>us</em> with <em>au</em> if your app is hosted in the AU region</li></ul></td></tr><tr><td><strong>https://</strong><em><strong>app-deployment-id</strong></em><strong>.cloudcode.</strong><em><strong>us</strong></em><strong>.journeyapps.com/*</strong></td><td><ul><li><p>The <em>app-deployment-id</em> can be found in a deployment's <a href="../../backend-api/introduction#enabling-the-api"><em>Manage API</em></a> page.</p><ul><li>Or, use a wildcard: <strong>*.cloudcode.us.journeyapps.com/*</strong></li></ul></li><li>Replace <em>us</em> with <em>eu</em> if your app is hosted in the EU region</li><li>Replace <em>us</em> with <em>au</em> if your app is hosted in the AU region</li></ul></td></tr><tr><td><p></p><p><strong>https://a.tiles.mapbox.com/*</strong></p><p></p><p><strong>https://api.tiles.mapbox.com/*</strong></p></td><td>These Mapbox domains are only needed for rendering maps.</td></tr><tr><td><p></p><p><strong>https://appinstall.xyz/*</strong></p><p></p><p><strong>https://manifest.journeyapps.com/*</strong> </p></td><td>Only needed for manual container downloads and automatic updates for Windows containers.</td></tr><tr><td><strong>https://*.poweredbyjourney.com</strong></td><td>This domain can be restricted to your specific CloudCode deployments, if required at all.</td></tr><tr><td><strong>https://d23a8uuk1onotf.cloudfront.net</strong></td><td>Note:  We are investigating moving this over to a journeyapps.com domain as well.</td></tr></tbody></table>

{% hint style="info" %}
**Additional important notes**

* All egress firewall rules should be TCP 443
* We recommend that you do not whitelist the IP addresses behind these domains as our systems use dynamic IP addresses for load balancing and redundancy purposes meaning the IP address will change over time.
  {% endhint %}

### Push Notifications <a href="#push-notifications-1" id="push-notifications-1"></a>

In order to receive push notifications, you will need to also ensure communication with APN, and on Android with FCM

Apple: [If your Apple devices aren't getting Apple push notifications - Apple Support](https://support.apple.com/en-us/HT203609)\
Android: [FCM | Firebase](https://firebase.google.com/docs/cloud-messaging/concept-options#messaging-ports-and-your-firewall)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.journeyapps.com/reference/technical/domain-whitelist.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.