SendGrid Allowed IP Configuration
VIDEO TRANSCRIPT | Recorded: 2025-10-30 | Verify against current system state
Abstract¶
Troubleshooting guide for when SendGrid blocks login due to IP whitelist restrictions. Even on VPN, home IP may be detected instead of allowed office IP. Documents workarounds (remote to office PC or allowed servers), login process via Twilio, two-factor authentication setup, and IP access management settings. Discusses whether to keep whitelist enabled given security benefits.
Key Procedures¶
- Identify IP whitelist lockout from error message
- Workaround 1: Remote into colleague's office computer
- Workaround 2: RDP to any whitelisted server (Aptify, Azure web servers)
- Log in via Twilio SendGrid (sendgrid.com redirects to Twilio)
- Use 1Password for "Twilio IT support at amp.org" credentials
- Enter 2FA code from 1Password (OTP configured)
- Add current IP to allowed list if needed
- Access IP management via Settings > IP Access Management
- Audit and clean up old IP addresses
Notable Statements¶
- 0:00:25 "The IP address isn't a listed... it's always because my IP address is not in the allowed list"
- 0:00:50 "This occurs for me even though I am connected to the VPN"
- 0:01:02 "A lot of times even though I'm on the VPN, SendGrid is still seeing my home IP address"
- 0:01:19 "This happens maybe every three months or so"
- 0:01:31 "Hector helped me out by allowing me to take over his computer... because he was in the office"
- 0:01:36 "If you were in the physical AANP office, the IP address will come through correctly"
- 0:01:57 "You can log into any of the Aptify or Azure servers that... are on the allowed list"
- 0:02:42 "Why do we have this turned on? It causes a lot of angst... but there is a reason for it"
- 0:02:59 "Once I disable the allow list, I believe that these will disappear"
- 0:03:20 "It does show you recent attempts that weren't successful"
- 0:03:30 "You can see that this is doing a good thing by keeping us safe"
- 0:04:00 "SendGrid was purchased by Twilio"
- 0:04:07 "From 1Password, you want to find the one that says Twilio IT support at amp.org"
- 0:04:34 "I don't have to wait for it to go to an email or to a text. I can actually just put in this one-time password"
- 0:05:06 "Unfortunately you can't add comments which would have been really nice"
- 0:06:11 "SendGrid is used for our legacy apps to send out conference registration receipts"
- 0:06:40 "It's also used in our SQL servers for email notifications"
Systems & Configurations¶
Systems Mentioned¶
- SendGrid (email service)
- Twilio (SendGrid parent company)
- 1Password (credential storage)
- VPN
- SQL Server (email notifications)
- Aptify (legacy app emails)
- Azure web servers
Specific Configurations¶
| Item | Value/Setting | Timestamp | Notes |
|---|---|---|---|
| Login URL | sendgrid.com > Twilio | 0:04:00 | Redirects to Twilio auth |
| 1Password entry | Twilio IT support at amp.org | 0:04:07 | Has 2FA OTP saved |
| IP setting location | Settings > IP Access Management | 0:05:00 | View/edit allowed IPs |
| Allowed IPs needed | AANP HQ, VPN, DC, Azure, Aptify servers | 0:05:25 | Core whitelist |
Credentials/Access Mentioned¶
- 1Password: Twilio IT support at amp.org
- 2FA OTP configured in 1Password
- Remote desktop access to Azure/Aptify servers
Vendor Contacts Mentioned¶
None mentioned in this recording.
Errors & Troubleshooting¶
- Error: "IP address isn't listed" on login
- Cause: Current IP not in SendGrid allowed list
- Resolution: Remote to office PC or whitelisted server to login
-
Timestamp: 0:00:25
-
Issue: VPN doesn't bypass IP restriction
- Cause: SendGrid sees home IP despite VPN
- Resolution: Use office computer or Azure server instead
- Timestamp: 0:00:50
Transcript Gaps & Quality Notes¶
- Q&A session at end with team questions
- Repeating "Thanks. Bye." at end is transcript artifact
- Team members: Hector mentioned as helping
- SendGrid usage question answered: legacy apps, SQL notifications
- Occurs approximately every 3 months