Skip to main content

APS: Your organisation's firewall and proxy rule requirements

Updated this week

As part of the APS transition to The Access Group, our application URLs have changed. As a result, you need to update your organisation's Firewall/Proxy rules to make sure you can continue to access APS applications.
​
If you have any concerns or questions about this change, please raise a new case online and reference the title of this article. Our support staff will then be able to assist you.
​
Please add all of the following rules to your Firewall/Proxy configuration. (Some of these may already be configured.)
​

Common for APS Cloud

  • idp-api.access-aps.com:443

  • idp.access-aps.com:443

  • identity-backend.access-aps.com:443

  • cognito-idp.ap-southeast-2.amazonaws.com:443

  • auth.access-aps.com:443

  • auth-portal.access-aps.com:443

  • core-api.access-aps.com:443

  • tum-api.access-aps.com:443

  • kafka.access-aps.com:17910

  • kafka-aps-prod-aps-prod.aivencloud.com:17913

Product update downloads

  • acccore-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • acccore-autoupdateservice-prod.s3.ap-southeast-2.amazonaws.com:443

  • acccore-schedulingservice-prod.s3.ap-southeast-2.amazonaws.com:443

  • acctimesheets-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • apsaustaxreturnintegration-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • apsclient-onboarding-prod.s3.ap-southeast-2.amazonaws.com:443

  • apsclienthub-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • apsclients-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • apstenants-prod.s3.ap-southeast-2.amazonaws.com:443

Timesheets

  • timesheets.access-aps.com:443

  • timesheets-api.access-aps.com:443

APS+

  • contacts.access-aps.com:443

  • contacts-api.access-aps.com:443

  • addresses-api.access-aps.com:443

  • workflow.access-aps.com:443

  • workflow-api.access-aps.com:443

  • users.access-aps.com:443

  • users-api.access-aps.com:443


NZ Tax

  • nztax.access-aps.com:443

  • nztax-api.access-aps.com:443

  • gatewayservice-api.access-aps.com:443

  • https://tdsservice-api.access-aps.com/v3:443


Legacy Cloud

  • hub.access-aps.com:443

  • coreaps-api.access-aps.com:443

  • clienthub.access-aps.com:443

  • piq-powerbi.access-aps.com:443

  • xeromapping.access-aps.com:443

  • xeromapping-api.access-aps.com:443


These rules should already be in place and should not be removed unless advised:

  • logs.ap-southeast-2.amazonaws.com:443

  • cognito-identity.ap-southeast-2.amazonaws.com:443

  • auth.aps.reckonapi.com:443

  • core.aps.reckonapi.com:443

  • timesheets.aps.reckonapi.com:443

  • hub.aps.reckonapi.com:443

  • timesheets.aps.reckon.com:443

  • workflow.aps.reckon.com:443

  • contacts.aps.reckon.com:443

  • tum.aps.reckonapi.com:443

  • kafka.aps.reckon.com:17910

  • kafka-aps-prod-aps-prod.aivencloud.com:17913

Did this answer your question?