If your organization restricts outbound traffic by source IP, add the following C1 egress IP addresses to your firewall or application allowlist. This ensures that C1’s cloud-hosted connectors and functions can reach your systems.Documentation Index
Fetch the complete documentation index at: https://conductorone-ian-account-to-user-pipeline.mintlify.app/llms.txt
Use this file to discover all available pages before exploring further.
These addresses apply only to cloud-hosted connectors and functions. If you self-host connectors in your own environment, outbound traffic originates from your own infrastructure and these IPs do not apply.
Connector egress IPs
Cloud-hosted connectors use the following IP addresses for outbound traffic to your integrated systems (such as syncing data and provisioning accounts):Function egress IPs
Functions use the following IP addresses for outbound traffic:C1 hostnames
If your organization uses a web proxy, content filter, or firewall that restricts outbound HTTPS traffic, add the following hostnames to your allowlist. This ensures that users can access the C1 web application and that AI (MCP) traffic flows correctly.| Hostname | Port | Purpose |
|---|---|---|
assets.ctr1.net | 443 | CDN — JavaScript, CSS, and images for the web application |
<tenantName>.conductor.one | 443 | Web application and API endpoints |
<tenantName>-mcp.conductor.one | 443 | AI traffic (MCP protocol) |
accounts.conductor.one | 443 | Login and SSO flow |
<tenantName> with your organization’s C1 tenant name.
Staying informed of changes
IP addresses are subject to change. To stay informed:- Subscribe to the release notes RSS feed for announcements about infrastructure changes including IP address updates.
- Check status.conductorone.com for real-time operational status and subscribe to status page notifications.
- Contact your account team if you need advance notice of IP changes for compliance programs such as SOX and SOC 2.