Brevo logs every IP address that tries to use the API keys and SMTP keys of your sub-organizations. To protect their keys, Brevo can automatically block requests from unknown IP addresses at the sub-organization level. Sub-organization users can also manually authorize trusted IP addresses to make sure they are never blocked.

For easier management, you can authorize trusted IP addresses directly from your New Admin account and share them with all your sub-organizations in one click. You can also enforce IP authorization across all sub-organizations to ensure consistent API and SMTP security at scale.

Good to know

• Authorizing IP addresses at the Admin account level does not restrict API calls made by the Admin account itself. It only allows you to share these IP addresses with all sub-organizations for centralized management.
• When you share IP addresses, they are added to each sub-organization's existing authorized IP list — they do not replace it. Shared IPs apply to both API keys and SMTP keys.
• If you stop sharing IP addresses, the shared IPs remain in each sub-organization's authorized IP list and are not automatically removed.

Manually authorize a trusted IP address from your Admin account

You can manually authorize up to 1,000 trusted IP addresses at once from your Admin account to control which ones can make API and SMTP calls on your sub-organizations.

1. From your Admin account, go to Security > Authorized IPs.
2. Click Authorize IP addresses.

3. Choose how you want to add your IP addresses: 

   Paste listUpload file

   In the IP addresses field, enter your IP addresses. You can enter one address per line, or separate multiple addresses with commas or semicolons. The field supports IPv4, IPv4 CIDR, IPv6, and IPv6 CIDR formats.

   Drop your .csv or .txt file into the upload area, or click to browse and select it. Enter one IP address per line, or separate multiple addresses with commas. 💡 Good to know To make sure your file is formatted correctly, you can download the CSV template available in the Upload file tab. The column must be named ip_address, with one IP address per row.

4. Click Authorize IP addresses.

The IP addresses appear in your Authorized IPs list and will not be blocked.

Enforce IP authorization for all sub-organizations

You can require all sub-organizations to keep IP authorization active for API keys, SMTP keys, or both. When enforced, sub-organizations cannot deactivate IP blocking for the selected key type, but they can still manage their own list of authorized IP addresses.

You can enforce IP authorization independently for API keys and SMTP keys. Select the key type you want to configure:

Share authorized IP addresses with your sub-organizations

You can share the IP addresses you have authorized at the Admin account level with all your sub-organizations at once. Shared IPs are added to each sub-organization's existing authorized IP list and apply to both API keys and SMTP keys.

1. From your Admin account, go to Security > Authorized IPs.
2. Under Share your IP addresses with sub-accounts and third parties, click Share IP addresses.
   
3. Click Start sharing to confirm.

The authorized IP addresses are automatically added to the Authorized IP addresses list of all your sub-organizations.

Export your list of authorized IP addresses

Download your authorized IP addresses as a CSV file to keep a portable and auditable record of what's authorized on your account.

1. From your Admin account, go to Security > Authorized IPs.
2. Above the Authorized IP addresses table, click Export CSV.
   

The file is downloaded to your device.

🤔 Have a question?

If you have a question, feel free to contact our support team by creating a ticket from your account. If you don't have an account yet, you can contact us here.

If you’re looking for help with a project using Brevo, we can match you with the right certified Brevo Agency partner.