Auth0 Home Blog Docs

Whitelist of ips for connection to mssql

login
#1

My hosting provider has asked me to confirm that all the IP’s need to be whitelisted in order to connect to my mssql database using the sqlServer script.

Auth0 IP range for Azure Sql Server seems to suggest it, but they are surprised by the number which I am listing here.

52.28.56.226,
52.28.45.240,
52.16.224.164,
52.16.193.66,
34.253.4.94,
52.50.106.250,
52.211.56.181,
52.213.38.246,
52.213.74.69,
52.213.216.142,
35.156.51.163,
35.157.221.52,
52.28.184.187,
52.28.212.16,
52.29.176.99,
52.57.230.214

many thanks if you could confirm for them.

#2

Yes, all the IP addresses need to be whitelisted as a request could come from any one of them.

The most up-to-date list of the IP addresses will be available from your Auth0 Management Dashboard.

1 Like
#3

Many thanks. Will pass on.

#4

Let us know if you got it working or if you need any further help!

#5

Hi, yes thank you, I have been asked this by the hosting engineers:

Is there any way that auth0 would be able to provide a Traceroute from their end? The Fact that it can come from that many IP’s makes it difficult on our end to investigate the issue to see what might be causing this, but a Traceroute may give us more info to go from if at all possible.

Is that possible?

#6

Hey @SMen!

I asked internally and it seems like this option is possible for paid users.

#7

BUT :slight_smile:

We are on AWS and you may try a trace route from a test server of your own in AWS. This might not be helpful for a lot of cases but still it is something you can try.

https://dnslytics.com/ip/52.28.56.226

Hope it helps some way!

#8

OK thank you - it is slightly chicken and egg! Considering the developer option as sole developer, but want to connect to my db! I will pass this on, and many thanks for your help.

#9

Sure let me know what you establish! Will try to provide you with any potential knowledge and support we can offer!

#10

The engineers have come back saying that nothing is blocking the connection and if I deliberately misspell a column name I am alerted to the column name being incorrect

e.g. Invalid column name ‘mispelledColumnName’)

which suggests that I am in fact connecting.

If I connect live, I am told the username or password is incorrect even though they are correct.
When using the testing system I just get ‘401 - Unauthorized’

Is there anything else I could be missing? The script is the sqlServer template.

function login(email, password, callback) {
//this example uses the “tedious” library
//more info here: http://pekim.github.io/tedious/index.html
var connection = sqlserver.connect({
userName: ‘correctusername’,
password: ‘correctpassword’,
server: ‘serverIPaddress’,
options: {
database: ‘correctDB’,
rowCollectionOnRequestCompletion: true
}
});

var query = "SELECT UserID, AdminContactFirstName, Username, Password " +
“FROM tbl_Users WHERE Username = @Email”;

connection.on(‘debug’, function (text) {
console.log(text);
}).on(‘errorMessage’, function (text) {
console.log(JSON.stringify(text, null, 2));
}).on(‘infoMessage’, function (text) {
console.log(JSON.stringify(text, null, 2));
});

connection.on(‘connect’, function (err) {
if (err) return callback(err);

var request = new sqlserver.Request(query, function (err, rowCount, rows) {
  if (err) {
    callback(new Error(err));
  } else if (rowCount < 1) {
    callback(new WrongUsernameOrPasswordError(email));
  } else {
    bcrypt.compare(password, rows[0][3].value, function (err, isValid) {
      if (err) { callback(new Error(err)); }
      else if (!isValid) { callback(new WrongUsernameOrPasswordError(email)); }
      else {
        callback(null, {
          user_id: rows[0][0].value,
          nickname: rows[0][1].value,
          email: rows[0][2].value
        });
      }
    });
  }
});

request.addParameter('Email', sqlserver.Types.VarChar, email);
connection.execSql(request);

});
}

#11

I am wondering if it is the use of bcrypt.compare

#12

Yes it is the bcrypt.compare.

1 Like
closed #13

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.