Views: 1768
Last Modified: 28.10.2021

When using Bitrix24 On-premise, network administrator must consider an option within the security policy to grant network access for REST-applications.

The following permissions must be granted to Bitrix24:

  • Outbound requests for (for app mechanism) and (for applications marketplace).
  • Inbound requests from app servers (addresses depend from specific applications).

The following permissions must be granted for an app at the developer's server:

  • Outbound requests to
  • Outbound requests to Bitrix24 Self-hosted server.
  • Inbound requests from servers mp_actions.*, when app uses event mechanisms, automation rules or custom workflow actions.

Current IP: and

Note: Bitrix24 tries to avoid changing these addresses, however, sometimes it happens. It's better to use IP addresses for specified resolved domain names.

In addition to these static URLs, dynamic URLs can be used for outbound webhooks. Send a query to to receive list of such URLs.

Example of query via curl:

$ curl
"nodes": [""]

Use the retrieved list of nodes array's IP addresses to update firewall rules. This list contains dynamically updated computer addresses receiving outbound webhooks at the moment of query.

Sampling frequency: 1 per minute max, but preferable once each 5 minutes. VM pool scaling mechanism is designed to pre-list 5 minutes before retrieving webhooks from a new address.

Courses developed by Bitrix24