# IP Whitelisting

IP whitelisting provides an additional layer of security for your API integrations by restricting access to requests originating from pre-approved IP addresses. This approach significantly reduces the risk of unauthorized access, even if credentials are compromised, by ensuring that API calls can only be made from trusted network locations. 

IP whitelisting is particularly valuable for enterprise environments where API access occurs from known, static locations such as corporate networks or dedicated servers. By limiting the attack surface, IP whitelisting helps protect sensitive financial data, ensures regulatory compliance, and provides an audit trail of authorised access points.

To whitelist an IP, add the allowed IPs when creating the token, or alternatively select `Edit` on your active token and then `Add More` to add all approved IP addresses to the list of valid IPs. To enhance security while testing the API on your local device, you can add your current IP using the `Add my IP` option. 

<figure><img src="https://1520949674-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FLGr6a1Wcc9zB3XAdNNQu%2Fuploads%2FyddTmLC0Hucfhgh2EduV%2Fimage.png?alt=media&#x26;token=f325496c-2108-4f2a-bdc9-4847b8b5a1a5" alt=""><figcaption></figcaption></figure>

When finished, select `Save`. \
\
If API requests are made from any non-whitelisted IP addresses, Sesame will return a 401 Unauthorised result, which will also be available in the logs.