AllowedIpRange Resource

The AllowedIpRange resource represents a permitted IP address CIDR range for admin login requests to a chain in the Spaaza platform. When a chain has one or more AllowedIpRange entries, admin login requests must originate from an IP address that falls within at least one of those CIDR ranges.

Introduction
Available Paths
Properties
Sample AllowedIpRange JSON

Introduction

An AllowedIpRange in Spaaza represents a permitted IP address range for admin login requests. When configured, the IP whitelisting feature restricts admin access to requests originating from approved IP address ranges. Key aspects include:

CIDR notation for IP ranges (e.g. 146.188.0.0/16 or 203.251.12.14/24)
Optional notes field for documenting the purpose or location of each range
Super-user exemption configurable at the chain level via the ip_whitelist_super_user_exemption property on the Chain resource
Full audit trail with last_updated_by, created_date, and last_modified_date tracking

All write operations (POST, PUT, PATCH, DELETE) require super-user admin access.

Available Paths

Single Resource Operations

GET /resources/allowed_ip_range/{id} - Retrieve an allowed IP range by ID
GET /resources/allowed_ip_range?cidr={value} - Retrieve an allowed IP range by CIDR identifier
POST /resources/allowed_ip_range - Create a new allowed IP range
PUT /resources/allowed_ip_range/{id} - Update an allowed IP range by ID
PUT /resources/allowed_ip_range?cidr={value} - Update an allowed IP range by CIDR identifier
PATCH /resources/allowed_ip_range/{id} - Partially update an allowed IP range by ID
PATCH /resources/allowed_ip_range?cidr={value} - Partially update an allowed IP range by CIDR identifier
DELETE /resources/allowed_ip_range/{id} - Delete an allowed IP range by ID
DELETE /resources/allowed_ip_range?cidr={value} - Delete an allowed IP range by CIDR identifier

Note: For single resource retrieval by identifier parameter, you can use any property marked with identifier: true in the "Spaaza Vendor Attributes" column in the Properties table below.

Multiple Resource Operations

GET /resources/allowed_ip_ranges - Retrieve a list of allowed IP ranges with optional filtering and pagination

Properties

The AllowedIpRange resource includes the following properties, listed alphabetically:

Name	Description	Standard Attributes^(details)	Spaaza Vendor Attributes^(details)
`chain`	Chain to which this IP range belongs	type: object readOnly: true nullable: false	recursionLevel: 1 immutable: true
`cidr`	IP CIDR range in dotted slash notation (e.g. `146.188.0.0/16`)	type: string format: cidr nullable: false maxLength: 255	recursionLevel: 1 identifier: true filter-property: true required-in: ["post"] operations: ["get", "post", "put", "patch", "delete"]
`created_date`	Timestamp when this IP range was created	type: date-time readOnly: true	recursionLevel: 2 immutable: true sort-by-property: true
`deleted`	Whether this IP range has been deleted	type: boolean readOnly: true	recursionLevel: 1
`id`	AllowedIpRange identifier	type: integer readOnly: true	recursionLevel: 0 identifier: true filter-property: true immutable: true operations: ["get", "put", "patch", "delete"]
`last_modified_date`	Timestamp when this IP range was last modified	type: date-time readOnly: true	recursionLevel: 2 immutable: true sort-by-property: true
`last_updated_by`	Admin user who last created, updated or deleted this IP range	type: object readOnly: true nullable: true	recursionLevel: 2
`notes`	Optional notes describing the purpose or location of the IP range	type: string nullable: true maxLength: 255	recursionLevel: 1 operations: ["post", "put", "patch"]

Property Notes

Identifier Properties: Both id and cidr can be used as identifier parameters for retrieving, updating, or deleting allowed IP ranges.
Required Fields: The cidr property is required when creating new allowed IP ranges (POST).
Chain Reference: The chain property refers to the Chain resource. The chain is automatically set from the X-Spaaza-Chain-ID header and cannot be modified.
Filter Properties: Properties marked with filter-property: true can be used to filter results when retrieving multiple allowed IP ranges.
Sortable Properties: Properties marked with sort-by-property: true can be used with the sort_by query parameter when retrieving multiple allowed IP ranges. See Pagination and Sorting for details.
Write Access: All write operations (POST, PUT, PATCH, DELETE) require super-user admin access.
Audit Trail: The last_updated_by property automatically records the admin user who last created, updated, or deleted the IP range.
Recursion Levels: The recursionLevel attribute controls at which API response detail levels each property is included.

Sample AllowedIpRange JSON

Here is an example of an AllowedIpRange resource as returned by the API:

{
  "chain": {
    "id": 1743,
    "name": "Example Retail Chain"
  },
  "cidr": "146.188.0.0/16",
  "created_date": "2026-05-20T10:00:00+00:00",
  "deleted": false,
  "id": 42,
  "last_modified_date": "2026-05-20T10:00:00+00:00",
  "last_updated_by": {
    "id": 987
  },
  "notes": "Office network - Amsterdam HQ"
}

This example shows a typical AllowedIpRange resource with chain association and audit information. The actual properties returned depend on the requested recursion level.

Contents​

Introduction​

Available Paths​

Single Resource Operations​

Multiple Resource Operations​

Properties​

Property Notes​

Sample AllowedIpRange JSON​

Contents