Network Access
In order to be able to access the Scantrust REST API, the below ports and hostnames need to be accessible:
Ports
- 80 - HTTP
- 443 - HTTPS
Hostnames
Below are the domainnames for our testing and production environment:
Testing / Staging:
api.staging.scantrust.io
Production:
api.scantrust.com
NOTE: AWS autoschedules both STAGING and PRODUCTION environments, with backup nodes automatically instantiated in the event of node failure. These backup nodes may have different IP addresses than previously reported. To prevent traffic issues, we recommend applying firewall rules on your environment that filter traffic based on hostnames rather than IP addresses.
HTTS SSL Certificates
For some systems, it is required to add trust-relationships for the SSL certificates used by our servers All Scantrust certificates are derived from the Amazon Root CA Certs:
Root Certificate Authority:
- CN=Amazon Root CA 1,O=Amazon,C=US
Scantrust currently uses the above CA but to be safe we suggest to add all five amazon root certificate authorities. Though it is unlikely we will change our CA in the near future, it will prevent a failure should a future update occur.