Allowlist requirements for Condeco devices

If you use allowlists or denylists you must allow access to the fully qualified domains listed below.

Android 8 devices

Domain Protocol / PORT Fully Qualified Domain Names
(remove word wrap space if copying)
Reason / Usage
*.appcenter.ms HTTPS/443 in.appcenter.ms Application Logging
*.connectproduction.azure-devices.net HTTPS/443 connectproduction.azure-devices.net IoT messages
*.condecoconnect.com HTTPS/443 portal.condecoconnect.com API calls (registration, RFID etc.)
*.condecoconnect.com HTTPS/443 storage.condecoconnect.com Config data and firmware versions
*.condecoconnect.com HTTPS/443 services.condecoconnect.com Connection test endpoint
Appropriate calendar service URL HTTPS/443

NTP Service

By default, Condeco screens are configured to use the standard NTP services listed below, however, they can be configured to use a custom NTP service. At least one of the NTP servers must be added to the allowlist.

NTP Service NTP server Protocol / PORT Reason / Usage
Android time.android.com NTP/123 (UDP only) Time synchronization – only 1 required. The screen contacts the NTP servers in the order shown here.

time.local is included to allow a customer to apply an internal NTP server if required
Apple time.apple.com
Google time.google.com
Android 2.android.pool.ntp.org
Time.Local time.local
Custom NTP NTP/123 (UDP only) A custom NTP server can be configured.

Device Hub

Domain Protocol / PORT Fully Qualified Domain Names
(remove word wrap space if copying)
Reason / Usage
*.login.microsoftonline.com HTTPS/443 CondecoConnect.onmicrosoft.com Azure Active Directory Business-to-Consumer. Responsible for user account sign-up, sign-in, profile edit, and password reset functions.
portal.condecoconnect.com HTTPS/443 portal.condecoconnect.com URL for Condeco Device Hub. Used by Condeco screens and APIs.
cdn.linearicons.com HTTPS/443 https://cdn.linearicons.com/free/
1.0.0/icon-font.min.css
CSS for font icons in the Device Hub UI.
cdnjs.cloudflare.com HTTPS/443 https://cdnjs.cloudflare.com/ajax/
libs/bluebird/3.3.5/bluebird.min.js
Java Script and fonts used by Device Hub UI.
fonts.googleapis.com HTTPS/443 https://cdnjs.cloudflare.com/ajax/
libs/bluebird/3.3.5/bluebird.min.js
Fonts in Device Hub UI.
widget.uservoice.com HTTPS/443 widget.uservoice.com
condeco.uservoice.com
Customer feedback on the Device Hub.
connectblobstorage.blob.core.windows.net HTTPS/443 http://connectblobstorage.blob.
core.windows.net/
Used by Condeco storage accounts for storing various static content such as device information version information, etc.
by2.uservoice.com
az416426.vo.msecnd.net
fonts.gstatic.com HTTPS/443 fonts.gstatic.com Fonts in login component of the Device Hub UI.
dc.services.visualstudio.com
*.condecoconnect.com HTTPS/443 https://westeurope.condecoconnect.com/
SelfService/
Base URL for the Device Hub and Condeco screens.

Emails

Domain Protocol / PORT Fully Qualified Domain Names
(remove word wrap space if copying)
Reason / Usage
*.ct.sendgrid.net HTTPS/443 https://mc.sendgrid.com/ For sending emails
westeurope.azureedge.net HTTPS/443 https://westeurope.azureedge.net For email template file in CDN

Mobile API

Domain Protocol / PORT Fully Qualified Domain Names
(remove word wrap space if copying)
Reason / Usage
connectpasswordless.azurewebsites.net HTTPS/443 connectpasswordless.azurewebsites.net Getting/revoking token for mobile API/add-in.
westeurope.condecoconnect.com/ HTTPS/443 https://westeurope.condecoconnect.com/ Device Hub domain URL.

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Please do not use this for support questions.
Condeco Support

Post Comment