Skip to main content
We’ve recently introduced a series of API safety upgrades requiring users authorize clients or IP addresses before they can send remote commands to your server.

API Safety Enhancements

As part of these upgrades, we’ve added enhanced validation for POST commands. Requests originating from untrusted sources, meaning IP addresses that are not explicitly allowlisted, will return the following error: 4000 - "You are not authorized to perform this action on this server."

Whitelisting IPs for API Safety

If you maintain a custom bot, we recommend whitelisting specific IP addresses rather than allowing all sources to send POST commands to your server. These enhancements make that possible.
1

Login to the Server Owner API Dashboard

This page is only available to the owner of the ER:LC private server.https://api.erlc.gg/server-owners
2

Select the "Settings" tab for your server

Find the server you’re looking to whitelist IPs on and click the “settings” button by its name.
3

Create the whitelist rule

Enter an IP address into the box and a comment for organization & tracking purposes.
4

🎉 That IP will now bypass the API safety checks

You can safely POST commands from your newly added trusted source.
Creating a public bot and don’t want to share your IP address with your users?

THIS IS ONLY FOR PUBLIC APPLICATIONS THAT ARE USED BY SEVERAL USERS. IF YOU CREATE A PUBLIC APPLICATION FOR ONE SERVER, IT WILL BE DELETED WITHOUT NOTICE.
You’ll need to create a public application!