Ip address list for api.zoom.us?

Using this template helps us debug your issues more effectively :slight_smile:

Description
Trying to locate a list of the ip addresses used for api_zoom_us. Arrgh, your forum software is limiting me to only two ‘links’ in a posting. So I’ll have to obfuscate my references to URLs and ip addresses in order to get this message to actually post.

Error
An FQDN address object in our firewall is not successfully resolving all of the ip addresses for api_zoom_us and this is causing traffic to be blocked.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
All API calls to api_zoom_us

Which Endpoint/s?
Yes, I’m trying to find out the ip addresses for all api_zoom_us endpoints.

How To Reproduce (If applicable)
Send API traffic through our firewall to api_zoom_us

Screenshots (If applicable)
Not applicable.

Additional context
SSL traffic to api.zoom.us seems to attempt to reach out to: 52_202_62_238.
Other traffic to api.zoom.us seems to reach out to: 52_202_62_237

Hey @jcritch,

Thank you for reaching out to the Zoom Developer Forum. Are you able to provide more detail on how you’re seeing this?

To make sure I understand, you make a request to the HTTPS endpoint and that fails because your firewall resolves the IP in the DNS Zone which is 52.202.62.237 and the response for the request resolves at request-time to end with .238?

Thanks,
Max

Hello, what you are describing is how we discovered there may be several ip addresses for the api.zoom.us. 52_202_62_237 and 52_202_62_238. These are not listed in the Zoom Support list of ip addresses to configure in a firewall. I’m trying to build a firewall rule that will allow traffic to ALL of the ip addresses associated with api.zoom.us. Our firewall is supposed to accomplish this using an FQDN Address Object that uses the URL and resolves it to the ip addresses. However, sometimes this does not resolve to all of the ip addresses a URL resolves to

So, what I am trying to find is a list of ALL the ip addresses used for the Zoom API at api_zoom_us. Then I can build a list of these ip addresses in the firewall for the firewall allow rule to use.

Where may I obtain such a list? The api_zoom_us and the ip addresses we have discovered are not listed in the general purpose ip address list Zoom Support maintains for customers to allow through their firewall to access Zoom services.

The Zoom API documentation describes ‘endpoints’ without defining the term. My assumption is these Zoom API Endpoints may be servers or ip addresses that the various services in the API are accessed and published through. May understanding of Zoom API Endpoints may not be correct.

(to post in this forum, as a new user, I have to obfuscate ip addresses and URLS so they are not considered ‘links’. Since ‘new users’ are restricted to only two ‘links’ in a forum post. ‘.’ replaced with ‘_’)

Hey @jcritch,

Thank you for following up on this. Currently, we don’t have an endpoint or another tool that would provide the IP addresses for this. However, if you’re seeing a different IP is resolved then that’s an issue our engineering team should investigate.

I’m thinking we’ll want to make a change to the DNS zone here to make sure it’s up-to-date.

When testing this on my end, I haven’t been able to reproduce the issue so far. Is there a specific API that you’re calling when you see this happen? If so, please provide it here.

Likewise, if there is a tool like Postman or cURL where I can see this please share steps for that too.

Thanks,
Max

I do not see the API calls that are being sent to API_Zoom.us from our system.

All I need is the list of ip addresses associated with the API_ZOOM_US site.

Hey @jcritch,

Can you clarify what you mean by this? I’m not sure what you are referring to when using underscores (’_’) instead of decimals (’.’) for a domain name.

Thanks,
Max

The Zoom Forum system does not allow me to use ‘.’! It says I am entering too many ‘Links’ as a ‘first time poster’ and does not let me save the message I’ve typed! So, I have to go back through and obfuscate ip addresses, domains, URLs with ‘_’ instead of ‘.’ just to get the message saved! So I leave a comment in the posting stating the above, for just such a question as you have asked.

Hey @jcritch,

Sorry for the delay here and for the duplicate question. You mentioned that earlier but I seemingly forgot that’s what was happening there.

The list of IPs for the api.zoom.us site is what can be found by check the DNS Zone for that domain:

https://toolbox.googleapps.com/apps/dig/#A/api.zoom.us

If you’re seeing different behavior, I’ll need to investigate that case directly and work with our engineering team.

Do you have steps for me to see this issue on my end?

Thanks,
Max