Skip to main content

APS: Your organisation's firewall and proxy rule requirements

As part of the APS transition to The Access Group, our application URLs have changed. As a result, you need to update your organisation's Firewall/Proxy rules to make sure you can continue to access APS applications.

If you have any concerns or questions about this change, contact support and reference the title of this article.

Please add all of the following rules to your Firewall/Proxy configuration. (Some of these may already be configured.)

Common for APS Cloud

  • idp-api.access-aps.com:443

  • idp.access-aps.com:443

  • identity-backend.access-aps.com:443

  • cognito-idp.ap-southeast-2.amazonaws.com:443

  • auth.access-aps.com:443

  • auth-portal.access-aps.com:443

  • core-api.access-aps.com:443

  • tum-api.access-aps.com:443

  • kafka.access-aps.com:17910

  • kafka-aps-prod-aps-prod.aivencloud.com:17913

Product update downloads

  • acccore-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • acccore-autoupdateservice-prod.s3.ap-southeast-2.amazonaws.com:443

  • acccore-schedulingservice-prod.s3.ap-southeast-2.amazonaws.com:443

  • acctimesheets-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • apsaustaxreturnintegration-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • apsclient-onboarding-prod.s3.ap-southeast-2.amazonaws.com:443

  • apsclienthub-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • apsclients-apps-prod.s3.ap-southeast-2.amazonaws.com:443

  • apstenants-prod.s3.ap-southeast-2.amazonaws.com:443

Timesheets

  • timesheets.access-aps.com:443

  • timesheets-api.access-aps.com:443

APS+

  • contacts.access-aps.com:443

  • contacts-api.access-aps.com:443

  • addresses-api.access-aps.com:443

  • workflow.access-aps.com:443

  • workflow-api.access-aps.com:443

  • users.access-aps.com:443

  • users-api.access-aps.com:443


NZ Tax

  • nztax.access-aps.com:443

  • nztax-api.access-aps.com:443

  • gatewayservice-api.access-aps.com:443

  • https://tdsservice-api.access-aps.com/v3:443


Legacy Cloud

  • hub.access-aps.com:443

  • coreaps-api.access-aps.com:443

  • clienthub.access-aps.com:443

  • piq-powerbi.access-aps.com:443

  • xeromapping.access-aps.com:443

  • xeromapping-api.access-aps.com:443


These rules should already be in place and should not be removed unless advised:

  • logs.ap-southeast-2.amazonaws.com:443

  • cognito-identity.ap-southeast-2.amazonaws.com:443

  • auth.aps.reckonapi.com:443

  • core.aps.reckonapi.com:443

  • timesheets.aps.reckonapi.com:443

  • hub.aps.reckonapi.com:443

  • timesheets.aps.reckon.com:443

  • workflow.aps.reckon.com:443

  • contacts.aps.reckon.com:443

  • tum.aps.reckonapi.com:443

  • kafka.aps.reckon.com:17910

  • kafka-aps-prod-aps-prod.aivencloud.com:17913

Did this answer your question?