Skip to main content

 

Eptura Knowledge Center

Domain allowlists

Allowlist requirements for Condeco devices

If you use allowlists or denylists you must allow access to the fully qualified domains listed below.

Android devices

Domain Protocol / PORT Fully Qualified Domain Names
(remove word wrap space if copying)
Reason / Usage
*.appcenter.ms HTTPS/443 in.appcenter.ms Application Logging
*.connectproduction.azure-devices.net HTTPS/443 connectproduction.azure-devices.net IoT messages
*.condecoconnect.com HTTPS/443 portal.condecoconnect.com API calls (registration, RFID etc.)
*.condecoconnect.com HTTPS/443 storage.condecoconnect.com Config data and firmware versions
*.condecoconnect.com HTTPS/443 services.condecoconnect.com Connection test endpoint
Appropriate calendar service URL HTTPS/443    

NTP Service

By default, Condeco screens are configured to use the standard NTP services listed below, however, they can be configured to use a custom NTP service. At least one of the NTP servers must be added to the allowlist.

NTP Service NTP server Protocol / PORT Reason / Usage
Android time.android.com NTP/123 (UDP only) Time synchronization – only 1 required. The screen contacts the NTP servers in the order shown here.

time.local is included to allow a customer to apply an internal NTP server if required
Apple time.apple.com
Google time.google.com
Android 2.android.pool.ntp.org
Time.Local time.local
Custom NTP   NTP/123 (UDP only) A custom NTP server can be configured.

Device Hub

Domain Protocol / PORT Fully Qualified Domain Names
(remove word wrap space if copying)
Reason / Usage
*.login.microsoftonline.com HTTPS/443 CondecoConnect.onmicrosoft.com Azure Active Directory Business-to-Consumer. Responsible for user account sign-up, sign-in, profile edit, and password reset functions.
portal.condecoconnect.com HTTPS/443 portal.condecoconnect.com URL for Condeco Device Hub. Used by Condeco screens and APIs.
cdn.linearicons.com HTTPS/443 https://cdn.linearicons.com/free/
1.0.0/icon-font.min.css
CSS for font icons in the Device Hub UI.
cdnjs.cloudflare.com HTTPS/443 https://cdnjs.cloudflare.com/ajax/
libs/bluebird/3.3.5/bluebird.min.js
Java Script and fonts used by Device Hub UI.
fonts.googleapis.com HTTPS/443 https://cdnjs.cloudflare.com/ajax/
libs/bluebird/3.3.5/bluebird.min.js
Fonts in Device Hub UI.
widget.uservoice.com HTTPS/443 widget.uservoice.com
condeco.uservoice.com
Customer feedback on the Device Hub.
connectblobstorage.blob.core.windows.net HTTPS/443 http://connectblobstorage.blob.
core.windows.net/
Used by Condeco storage accounts for storing various static content such as device information version information, etc.
by2.uservoice.com      
az416426.vo.msecnd.net      
fonts.gstatic.com HTTPS/443 fonts.gstatic.com Fonts in login component of the Device Hub UI.
dc.services.visualstudio.com      
*.condecoconnect.com HTTPS/443 https://westeurope.condecoconnect.com/
SelfService/
Base URL for the Device Hub and Condeco screens.

Emails

Domain Protocol / PORT Fully Qualified Domain Names
(remove word wrap space if copying)
Reason / Usage
*.ct.sendgrid.net HTTPS/443 https://mc.sendgrid.com/ For sending emails
westeurope.azureedge.net HTTPS/443 https://westeurope.azureedge.net For email template file in CDN

Mobile API

Domain Protocol / PORT Fully Qualified Domain Names
(remove word wrap space if copying)
Reason / Usage
connectpasswordless.azurewebsites.net HTTPS/443 connectpasswordless.azurewebsites.net Getting/revoking token for mobile API/add-in.
westeurope.condecoconnect.com/ HTTPS/443 https://westeurope.condecoconnect.com/ Device Hub domain URL.