By default, your Cages can be run by any client with a valid API key, but you may want to have additional control over where your Cage can be run from.
You can now restrict your Cage to only accept invocations from a predefined set of IPs. Define a list of IP addresses and/or CIDR blocks to accept in the Evervault dashboard.
If a Cage run is requested from outside of your whitelist, the invocation will be rejected with a status code of 403, or a ForbiddenIPError in our Node & Python clients.
You can read more about Cage IP whitelisting in our docs & can get started by going to Dashboard → Cage → IP Whitelist.