Firewall, IP, & Security

Rakuten RapidAPI uses a range of IP addresses that you might want to whitelist on your platform, it’s good practice to do so

List of IP Adresses Used by Rakuten RapidAPI

Every request coming from the Rakuten RapidAPI Network will come from the following IP addresses. You can whitelist these IPs, as they are the ones used to send requests only from Rakuten RapidAPI.

A request coming from Rakuten RapidAPI can be considered already authenticated, so no billing or authentication checks are required on the API side.

Here is the complete list of IPs to whitelist: [Updated February 15th 2019]
Notice that you must accept API requests from ALL IPs bellow, regardless of which region your servers are located in.

Region IPs
US East
US West
South America

Authenticating Rakuten RapidAPI Requests to APIs using the Rakuten RapidAPI Proxy

For security reasons, you should protect your API and block requests coming from outside the Rakuten RapidAPI infrastructure.

Rakuten RapidAPI adds the X-RapidAPI-Proxy-Secret header on every request. This header has a unique value for every API, and if the header is missing or has a different value, you can assume the request is not coming from our infrastructure. The header for this API is: X-RapidAPI-Proxy-Secret followed by a unique string.