home

Basics

Zuora BillingZuora PaymentsZuora PlatformZuora CPQZephrZuora RevenueAccounts ReceivableRelease NotesBasicsEntitlementsSupport and policies
Zuora BillingZuora PaymentsZuora PlatformZuora CPQZephrZuora RevenueAccounts ReceivableRelease NotesBasicsEntitlementsSupport and policies

Welcome to Zuora Product Documentation

Explore our rich library of product information

Show Contents

thumbnailBasics

Zuora Data Centers

Inbound and outbound IP addresses

Reference information about inbound and outbound connectivity at Zuora.

Some organizations limit outbound communication to the Internet from internal resources for security purposes and require an allow list of trusted inbound and outbound connections. If your firewalls require outbound connection permissions, you must add the Zuora IP address to your allow list. For information about the Zuora full certification chain for production and API Sandbox environments, see Full certification chain.

Inbound IP addresses to Zuora

As part of our ongoing commitment to ensure the highest availability and optimal security of Zuora services, we leverage next-generation cloud technologies. Due to the dynamic nature of public cloud infrastructure, Zuora services are not hosted on a fixed set of IP addresses. If you need to permit Zuora traffic, we recommend you use DNS based allow lists for Zuora integrations.

It is important to Payment Gateways which IP allow list our traffic or customers who have to configure inbound firewall rules to all HTTPS notification calls from Zuora. Usually, there is no impact on the ability of customers to receive emails from Zuora application.

IP addresses to US services environments

DNS based allow list is preferred because the registered service name stays the same when the service expands to use more IP addresses.

Note:

Due to the dynamic nature of public cloud infrastructure that Zuora's Service Environments are deployed on, we discourage our customers from implementing outbound allow list capability based on IP address restrictions. IP addresses are subject to change without advance notice as new server instances are created to handle the load.

Inbound and Outbound IP Addresses for Collections, Workflow, Commerce, and Marketplace

If you want to receive emails, SFTP connection requests, or API calls from Zuora Collections, Zuora Workflow, Zuora Commerce, or Marketplace (formerly known as Connect), add the following IP addresses to your allow list:

  • 3.66.181.151

  • 3.72.120.178

  • 3.72.209.33

  • 4.71.24.46 (this IP address is for testing SFTP connections with bank servers)

  • 18.194.185.125

  • 18.197.110.107

  • 34.218.15.157

  • 35.155.216.3

  • 35.156.120.222

  • 52.26.252.153

  • 52.33.107.0

  • 52.35.247.230

  • 52.37.233.34

  • 52.39.100.104

  • 52.40.19.141

  • 52.89.135.4

  • 54.68.23.116

  • 54.71.138.87

In addition to the addresses listed above, the following IP addresses must be added to your allow list for non-production environments:

  • 3.65.51.43

  • 3.66.144.234

  • 18.196.118.61

  • 18.196.79.49

  • 18.198.47.111

  • 35.161.181.38

  • 44.226.112.161

  • 44.232.2.249

  • 50.112.203.250

  • 52.37.16.34

  • 13.115.169.111

  • 54.168.26.254

In addition to the addresses listed above, the following IP addresses must be added to your allow list for production environments:

  • 3.66.144.234

  • 3.72.192.189

  • 3.124.7.222

  • 18.193.237.5

  • 18.198.47.111

  • 35.155.99.130

  • 35.161.181.38

  • 44.230.234.43

  • 50.112.203.250

  • 54.70.147.75

  • 13.115.169.111

  • 54.168.26.254

Last updated: October 10, 2025