# IP Allowlisting

IP allowlisting allows you to explicitly restrict access to specific IP addresses and/or CIDR notations for APIs. We highly recommend using this feature as an additional security protection. The feature is available for both **Inbound and Outbound** routes.

Enable IP allowlisting on a route:

* Enter an IP or CIDR to match the IP address the request is made from. For example `172.16.254.1`, `2001:db8:0:1234:0:567:8:1`, `192.168.1.15/24`. Multiple IP addresses could be added separated by a comma
* Click return
* Save the route