Domain Allow List
In order for an Engage deployment to be accessible in your network, the following domains must be allowed:
| Domain/URL allow list | Purpose | IP Ranges | Ports | Direction | Traffic |
| --- | --- | --- | --- | --- | --- |
| engage..localmeasure.com | Engage Agent desktop and corresponding back end. Replace with one of the following: uk, us, syd, ca | Cloudfront https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/LocationsOfEdgeServers.html | 443 (TCP) | Outbound | Send/Receive |
| ..localmeasure.com | Engage Agent desktop and corresponding back end. Replace with one of the following: uk, us, syd, ca | Cloudfront https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/LocationsOfEdgeServers.html | 443 (TCP) | Outbound | Send/Receive |
| Customer-Deployed | This is deployed into the customer’s AWS account each time a Cloudformation update is run. The URL changes each time and needs to be updated after every upgrade. You can find this URL in your Engage settings panel under “General Settings → Main Configuration → Local Measure Connection → API Gateway URL” | API Gateway https://ip-ranges.amazonaws.com/ip-ranges.json | 443 (TCP) | Outbound | Send/Receive |
| app.launchdarkly.com | Enable this if you wish to get access to Beta features | https://docs.launchdarkly.com/home/infrastructure/ip-list | 443 (TCP) | Outbound | Send/Receive |
| clientstream.launchdarkly.com | Enable this if you wish to get access to Beta features | https://docs.launchdarkly.com/home/infrastructure/ip-list | 443 (TCP) | Outbound | Send/Receive |
| events.launchdarkly.com | Enable this if you wish to get access to Beta features | https://docs.launchdarkly.com/home/infrastructure/ip-list | 443 (TCP) | Outbound | Send/Receive |
| https://logs.browser-intake-datadoghq.com/ | error logs for application monitoring | https://docs.datadoghq.com/api/latest/ip-ranges/ | 443 (TCP) | Outbound | Send/Receive |
| www.facebook.com | Enable this only if Facebook chat is required | N/A | 443 (TCP) | Outbound | Send/Receive |
| connect.facebook.net | Enable this only if Facebook chat is required | N/A | 443 (TCP) | Outbound | Send/Receive |
| cdn.segment.com | Application analytics | | 443 (TCP) | Outbound | Send/Receive |
IP Address Ranges
Local Measure Services
Local Measure leverages AWS Cloudfront to host and serve Engage. In order to reach the Engage SaaS-hosted services, your network must be able to reach the IP’s listed in the documented IP Range list provided by AWS. Please see here for the full list:
Locations and IP address ranges of CloudFront edge servers - Amazon CloudFront
Customer-Deployed Services
Engage also leverages AWS API Gateway as part of the Cloudformation Stack deployed and hosted in your AWS Environment as a customer. The API Gateway service leverages an EDGE type API Gateway and can be accessed by using the ip-ranges.json file.
Additional 3rd Party Services
Additionally, Local Measure leverages a number of 3rd party services for extended functionality such as analytics, user-metrics and beta feature toggling. For access to full Local Measure functionality and support, we highly recommend whitelisting the domains and/or IP addresses of these services listed.