Get Project IP Access List

Access List Replaces Whitelist

This resource replaces the whitelist resource. Atlas deprecated whitelists. The whitelist resource will be disabled in June 2021. Consider updating your applications to use this new resource.


Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.


The /groups/{PROJECT-ID}/accessList endpoint manages the database IP access list. This endpoint differs from the /users/{USER-ID}/whitelist endpoint, which manages an Atlas user’s API whitelist.

The Atlas API authenticates using HTTP Digest Authentication. Provide a programmatic API public key and corresponding private key as the username and password when constructing the HTTP request.

To learn how to configure API access for an Atlas project, see Configure Atlas API Access.


Base URL:

GET /groups/{PROJECT-ID}/accessList

Request Path Parameters

Parameter Type Necessity Description
PROJECT-ID string Required Unique identifier for the project from which you want to retrieve access list entries.

Request Query Parameters

This endpoint may use any of the HTTP request query parameters available to all Atlas API resources. These are all optional.

Name Type Necessity Description Default
pageNum integer Optional Page number (1-based). 1
itemsPerPage integer Optional Maximum number of items to return, up to a maximum of 100. 100
includeCount boolean Optional Specifies whether the response returns the totalCount field. true
pretty boolean Optional Indicates whether the response body should be in a prettyprint format. false
envelope boolean Optional

Flag indicating if Atlas should wrap the response in a JSON envelope.

Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query.

For endpoints that return a list of results, the results object is an envelope. Atlas adds the status field to the response body.


Request Body Parameters

This endpoint doesn’t use HTTP request body parameters.


Response Document

The response JSON document includes an array of result objects, an array of link objects and a count of the total number of result objects retrieved.

Name Type Description
results array of objects One object for each item detailed in the results Embedded Document section.
links array of objects One or more links to sub-resources and/or related resources. The relations between URLs are explained in the Web Linking Specification
totalCount integer Count of the total number of items in the result set. It may be greater than the number of objects in the results array if the entire result set is paginated.

results Embedded Document

Each element in the result array is one access list entry associated to the project IP access list.

Name Type Description
awsSecurityGroup string Unique identifier of AWS security group in this access list entry.
cidrBlock string Range of IP addresses in CIDR notation in this access list entry.
comment string Comment associated with this access list entry.
deleteAfterDate date Timestamp in ISO 8601 date and time format in UTC after which Atlas deletes the temporary access list entry. Atlas returns this field if you specified an expiration date when creating this access list entry.
groupId string Unique identifier of the project to which this access list entry applies.
ipAddress string Entry using an IP address in this access list entry.
links object array One or more links to sub-resources and/or related resources. The relations between URLs are explained in the Web Linking Specification

Example Request

curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest --include \
     --header "Accept: application/json" \
     --header "Content-Type: application/json" \
     --request GET "{PROJECT-ID}/accessList?pretty=true"

Example Response

Example Header

HTTP/1.1 401 Unauthorized
Content-Type: application/json;charset=ISO-8859-1
Date: {dateInUnixFormat}
WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false
Content-Length: {requestLengthInBytes}
Connection: keep-alive
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: application/json
Strict-Transport-Security: max-age=300
Date: {dateInUnixFormat}
Connection: keep-alive
Content-Length: {requestLengthInBytes}

Example Body

  "links": [],
  "results": [
      "cidrBlock": "",
      "comment": "IP address for Application Server A",
      "groupId": "{PROJECT-ID}",
      "ipAddress": "",
      "links": []
      "cidrBlock": "",
      "comment": "CIDR block for Application Server B - D",
      "groupId": "{PROJECT-ID}",
      "links": []
      "awsSecurityGroup": "sg-0026348ec11780bd1",
      "comment": "Access Listed AWS Security Group",
      "groupId": "{PROJECT-ID}",
      "links": []        ]
  "totalCount": 3