Domains to be allowed for Adobe apps & services to function correctly

Applies to enterprise & teams.

Read on to find URLs and domains that must be accessible on ports 80 and 443 for relevant Adobe applications and services to function correctly.

The minimal allowlist

If you are looking for a minimum set of domains to be allowed, allowing the following top-level domains will get you going:

Adobe hosted domains:

  • *.adobe.com
  • *.adobe.io
  • *.adobecc.com
  • *.adobecces.com
  • *.adobeccstatic.com
  • *.adobedtm.com
  • *.adobeexchange.com
  • *.adobegenuine.com
  • *.adobegov.com
  • *.adobe-identity.com
  • *.adobejanus.com
  • *.adobelogin.com
  • *.adobeoobe.com
  • *.adobeprojectm.com
  • *.adobesc.com
  • *.adobesc.com
  • *.adobe-services.com
  • *.adobess.com
  • *.adobesunbreak.com
  • *.adobetag.com
  • *.behance.net
  • *.ftcdn.net
  • *.typekit.com
  • *.typekit.net
  • slp-statics.astockcdn.net

Amazon Web Services:

  • *.s3.amazonaws.com
  • s3.amazonaws.com/tron-ffc-icons-prod/
  • gocart-web-prod-*.elb.amazonaws.com
  • *.kinesisvideo.*.amazonaws.com
  • *.s3-accelerate.amazonaws.com

Other third-party domains:

  • *.cloudfront.net
  • firebase-settings.crashlytics.com
  • firebase*.googleapis.com
  • wss://speech.platform.bing.com
  • *.arkoselabs.com

Read on to find exhaustive lists of fully qualified domain names that are required to run specific Adobe services.

Downloadable allowlist

You can download the complete list of fully qualified URLs and domains here.

Download Network endpoints

The downloaded file has the timestamp in its name. So each time you download it, you can save the file and use it later to compare it (using any file comparison tool) to a newer version. The comparison will give you a list of domains that Adobe has added or removed.

Following is how you can compare two files to know what has changed:

  1. Download the allowlist. Save it for future reference.

  2. When you notice a change in the last updated date of the page (mentioned below the page title at the top of the page), download the list again.

  3. The downloaded files have a timestamp in their names.
    Use a file comparison tool (like Notepad++) to compare the latest file with the one you used or referred to last.

    The difference you see between the two files is what has changed since you last downloaded the allowlist. Domains that are not present in the previously downloaded file, consider adding them to your allowlist.

    You may also consider removing or disallowing any domains that Adobe has removed from this list.

Note:

If you maintain your own certificate store, ensure it is updated with the latest Amazon Root CAs. Learn more here.

Downloadable endpoints matrix

The following matrix (available for download in Excel format) contains the endpoints detailed in the following sections of this article.

The matrix is arranged by:

  • Adobe apps on the horizontal axis.
  • Adobe hosted Services and the corresponding endpoints on the vertical axis.

Exhaustive allowlists with fully qualified domains

All Adobe services

Licensing-activation services:

  • lm.licenses.adobe.com
  • resources.licenses.adobe.com
  • cs.licenses.adobe.com
  • exception.licenses.adobe.com
  • pubcerts.licenses.adobe.com
  • workflow.licenses.adobe.com
  • auth.services.adobe.com

Deployment and fulfillment services:

  • adminconsole.adobe.com
  • cc-ext-prod-pkgs.s3.amazonaws.com
  • ccmdls.adobe.com
  • ccmdl.adobe.com
  • ans.oobesaas.adobe.com
  • ars.oobesaas.adobe.com
  • cdn-ffc.oobesaas.adobe.com
  • ffc-icons.oobesaas.adobe.com
  • ffc-static-cdn.oobesaas.adobe.com
  • prod-rel-ffc-ccm.oobesaas.adobe.com
  • acc.adobeoobe.com
  • prod.acp.adobeoobe.com
  • mir-s3-cdn-cf.behance.net
  • swupmf.adobe.com
  • swupdl.adobe.com
  • oobe.adobe.com
  • productrouter.adobe.com
  • s3.amazonaws.com
  • s3.amazonaws.com/tron-ffc-icons-prod/
  • tron-prod-customized-user-packages.s3.amazonaws.com
  • armmf.adobe.com
  • ardownload.adobe.com (HTTP only)
  • ardownload2.adobe.com (HTTPS only)
  • agsupdate.adobe.com

Adobe-hosted authentication services:

  • ims-na1.adobelogin.com
  • ims-prod06.adobelogin.com
  • ims-prod07.adobelogin.com
  • static.adobelogin.com
  • delegated.adobelogin.com
  • adobeid.services.adobe.com
  • adobeid-na1.services.adobe.com
  • auth.services.adobe.com
  • federatedid-na1.services.adobe.com
  • na1e-acc.services.adobe.com
  • na1e.services.adobe.com
  • na1r.services.adobe.com
  • ad.adobe-identity.com
  • ids-proxy.account.adobe.com
  • lcs-cops.adobe.io
  • lcs-robs.adobe.io
  • lcs-entitlement.adobe.io
  • lcs-ulecs.adobe.io
  • ams.adobe.com
  • oobe.adobe.com
  • adobelogin.prod.ims.adobejanus.com
  • services.prod.ims.adobejanus.com
  • www-prod.adobesunbreak.com

Additional Services used for Adobe IDs:

  • api-cna01.adobe-services.com
  • supportanyware.adobe.io

Adobe Genuine Integrity Service:

  • genuine.adobe.com
  • prod.adobegenuine.com
  • gocart-web-prod-*.elb.amazonaws.com

Adobe Application Manager:

  • www.adobe.com

Sign in user experience:

  • acc-learn.adobe.com
  • acc-learn.adobe.io
  • acc.adobeoobe.com
  • accounts.adobe.com
  • acp-ss-ue1.adobe.io
  • adobe-api.arkoselabs.com
  • adobe-verify.arkoselabs.com
  • api.account.adobe.com
  • api.typekit.com
  • cc-api-behance.adobe.io
  • cc-api-data.adobe.io
  • cc-api-storage.adobe.io
  • client-api.arkoselabs.com
  • client-verify.arkoselabs.com
  • crs.cr.adobe.com
  • data.typekit.net
  • federation-gateway.adobe.io
  • fonts.adobe.com
  • helpx.adobe.com
  • mir-s3-cdn-cf.behance.net
  • notify.adobe.io
  • oobe.adobe.com
  • p.typekit.net
  • p13n.adobe.io
  • p13n-mr.adobe.io
  • polka.typekit.com
  • prod.adobeccstatic.com
  • public.adobecc.com
  • scss.adobesc.com
  • ss-prod-ue1-notif-16.aws.adobess.com
  • sso.behance.net
  • sstats.adobe.com
  • state.typekit.net
  • use.typekit.net
  • wwwimages.adobe.com
  • wwwimages2.adobe.com

Updater:

  • armmf.adobe.com
  • ardownload.adobe.com
  • http://armdl.adobe.com/
  • a3.behance.net
  • a5.behance.net
  • account.adobe.com
  • accounts.adobe.com
  • acp-ss-an1.adobe.io
  • acp-ss-ew1.adobe.io
  • acp-ss-ue1.adobe.io
  • acp-ss.adobe.io
  • *.adbecrsl.com
  • *.adbephotos.com
  • adminconsole.adobe.com
  • adobe.ly
  • adobeid-na1.services.adobe.com
  • adobesearch.adobe.io
  • ans.oobesaas.adobe.com
  • api.account.adobe.com
  • api.typekit.com
  • appregistry.adobe.io
  • aps-web.adobe.io
  • ars.oobesaas.adobe.com
  • as.ftcdn.net
  • as1.ftcdn.net
  • as2.ftcdn.net
  • assets-cdn.adobe.com
  • assets-helper.adobe.io
  • assets.adobe.com
  • assets.fonts.adobe.com
  • audios.ftcdn.net
  • auth.services.adobe.com
  • awenroll.adobe.com
  • byof.adobe.io
  • cc-api-behance.adobe.io
  • cc-api-cp.adobe.io
  • cc-api-data.adobe.io
  • cc-api-storage.adobe.io
  • cc-cdn.adobe.com 
  • cc-collab.adobe.io
  • cc-ext-prod-pkgs.s3.amazonaws.com
  • ccext-cdn.adobecces.com
  • ccext-public.adobe.io
  • ccext-static.adobecces.com
  • ccext.adobe.io
  • ccext.adobecces.com
  • cchome.adobe.io
  • cclibraries-defaults-cdn.adobe.com
  • ccprojects-va6.adobe.io
  • ccprojects.adobe.io
  • cctypekit.adobe.io
  • cdn-ffc.oobesaas.adobe.com
  • cdn-sharing.adobecc.com
  • cdn.cp.adobe.io
  • client.messaging.adobe.com
  • comments.adobe.io
  • community.adobe.com
  • connect.ffc.adobeoobe.com
  • creativecloud.adobe.com
  • *.creativecloud.com
  • crs.cr.adobe.com
  • cvs.adobe.com
  • d32a1iuc7x840y.cloudfront.net
  • d3gnp5fs6fu2h7.cloudfront.net
  • dnzuu5synxxfk.cloudfront.net
  • data.typekit.net
  • dc-api.adobe.io
  • design-assets.adobeprojectm.com
  • ds-an1.adobe.io
  • ds-ew1.adobe.io
  • ds-ue1.adobe.io
  • ds.adobe.io
  • exchange.adobe.com
  • faster.typekit.net
  • ffc-static-cdn.oobesaas.adobe.com
  • firebase-settings.crashlytics.com
  • firebaseinstallations.googleapis.com
  • firebaselogging-pa.googleapis.com
  • fonts.adobe.com
  • genuine.adobe.com
  • geo.adobe.com
  • geo2.adobe.com
  • helpx.adobe.com
  • ic.adobe.io 
  • ids-proxy.account.adobe.com
  • illustrator.adobe.com
  • image.adobe.io
  • ims-na1.adobelogin.com
  • ims-prod06.adobelogin.com
  • ims-prod07.adobelogin.com
  • indd.adobe.com
  • invitations.adobe.io
  • landing.adobe.com
  • lcs-cops.adobe.io
  • lcs-robs.adobe.io
  • libraries.adobe.io
  • lightroom.adobe.com
  • links.adobe.io
  • livecreate-an1.adobe.io
  • livecreate-ew1.adobe.io
  • livecreate-ue1.adobe.io
  • *.macromedia.com
  • mail.adobegov.com
  • mir-s3-cdn-cf.behance.net
  • na1e-acc.services.adobe.com
  • notify.adobe.io
  • odin.adobe.com
  • *.omniture.com
  • oobe.adobe.com
  • p.typekit.net
  • p13n.adobe.io
  • pgc.adobe.io
  • photos.adobe.io
  • photoshop.adobe.com
  • platform-assets.typekit.net
  • platform-cs*.adobe.io
  • platform-cs.adobe.io
  • acp-*.adobe.io
  • polka.typekit.com
  • presence-an1.adobe.io
  • presence-ew1.adobe.io
  • presence-ue1.adobe.io
  • preview.illustrator.adobe.com
  • prod-rel-ffc-ccm.oobesaas.adobe.com
  • prod.adobeccstatic.com
  • prod.wam.adobe.com 
  • psweb-cd.adobe.io
  • public.adobecc.com
  • s.ftcdn.net
  • scss.adobesc.com
  • server.messaging.adobe.com
  • sensei.adobe.io
  • sharedcloud-production*.s3.amazonaws.com
  • sharedcloud-production*.s3-accelerate.amazonaws.com
  • aep-cs*.s3-accelerate.amazonaws.com
  • aep-cs*.s3.amazonaws.com
  • sharedcloud-production-us-east-1-data-temp.s3.amazonaws.com
  • slp-statics.astockcdn.net
  • ss-prod-an1-notif-13-aws.adobess.com
  • ss-prod-an1-notif-16.aws.adobess.com
  • ss-prod-ew1-notif-13-aws.adobess.com
  • ss-prod-ew1-notif-16.aws.adobess.com
  • ss-prod-ue1-notif-13-aws.adobess.com
  • ss-prod-ue1-notif-16.aws.adobess.com
  • ss-prod-ue1-notif-79.aws.adobess.com
  • state.typekit.net
  • static-assets.photoshop.adobe.com
  • static.adobelogin.com
  • stock-landing-pages.adobe.io
  • stock.adobe.com
  • t3.ftcdn.net
  • t4.ftcdn.net
  • udps.adobe.com
  • ui.messaging.adobe.com
  • use.typekit.com
  • use.typekit.net
  • utut-service.adobe.com 
  • v.ftcdn.net
  • workflow.licenses.adobe.com
  • wss://livecreate-*.adobe.io
  • wss://presence-*.adobe.io
  • wss://speech.platform.bing.com
  • www.adobe.com
  • wwwimages.adobe.com
  • wwwimages2.adobe.com
  • xd-cdn.adobecces.com 
  • xd.adobe.com
  • xdce.adobe.io
Note:

Adobe uses the Secure Websocket protocol (WSS) over HTTPS for connection with adobe.io. Also, the network proxy should allow the Secure WebSocket negotiation headers that are prefixed with Sec-WebSocket*”.

For a list of domains that you must allow for Acrobat, see here.

Services accessed from Creative Cloud applications

Click the required Adobe-hosted service to see the domains you must allow:

Applies to: Adobe Express
  • firefly-ae.adobe.io
  • sensei.adobe.io
  • senseicore.adobe.io
  • sensei-va6.adobe.io
  • firefly.adobe.io

Applies to: Photoshop

  • firefly.adobe.io
  • firefly-clio-imaging.adobe.io
  • pre-signed-firefly-prod.s3-accelerate.amazonaws.com
  • firefly-ps.adobe.io

Applies to: Illustrator

  • firefly-ai.adobe.io
  • firefly-acs.adobe.io
  • firefly.adobe.io
  • firefly-clio-imaging.adobe.io
  • pre-signed-firefly-prod.s3-accelerate.amazonaws.com
Applies to: Adobe Firefly web app and Firefly Custom Models
  • firefly.adobe.com
  • firefly-md.adobe.io
  • clio-assets.adobe.com
  • firefly-cliov2.adobe.com

Applies to: Illustrator beta

  • senseicore-ue1.adobe.io

Applies to: Photoshop beta

  • sensei-ue1.adobe.io

Applies to: Adobe Stock

  • firefly-st.adobe.io

Applies to: Adobe Firefly API

  • firefly-api.adobe.io
  • pre-signed-firefly-prod.s3.amazonaws.com

Adobe domains:

  • a5.behance.net 
  • acp-ss.adobe.io 
  • acp-ss-ew1.adobe.io 
  • acp-ss-ue1.adobe.io 
  • adobeid-na1.services.adobe.com 
  • adobemobiledev.demdex.net 
  • adobesearch.adobe.io 
  • adobesparkpost.app.link 
  • ans.oobesaas.adobe.com 
  • api.typekit.com 
  • aps-web.adobe.io 
  • as.ftcdn.net

  • as1.ftcdn.net 
  • as2.ftcdn.net 
  • assets.adobe.com 
  • assets.adobedtm.com 
  • assets-helper.adobe.io 
  • audios.ftcdn.net 
  • auth.services.adobe.com 
  • awcm177.awmdm.com 
  • awenroll.adobe.com 
  • byof.adobe.io 
  • cai.adobe.io
  • cai-msb.adobe.io 
  • cai-splunk-proxy.adobe.io
  • ccac-cdn.adobe.com 
  • cc-api-behance.adobe.io 
  • cc-api-data.adobe.io 
  • cc-api-storage.adobe.io 
  • cc-collab.adobe.io 
  • ccext-static.adobecces.com 
  • cchome.adobe.io 
  • ccprojects.adobe.io 
  • cctypekit.adobe.io 
  • cdn.schedule.adobe.com 
  • cdn-prod-ccv.adobe.com 
  • cdn-sharing.adobecc.com 
  • clientservices.googleapis.com 
  • clio-assets.adobe.com 
  • cm.everesttech.net 
  • comments.adobe.io 
  • configuration.apple.com 
  • creativecloud.adobe.com

 

  • data.typekit.net 
  • design-assets.adobeprojectm.com 
  • detect.ffc.adobeoobe.com:15292 
  • detect.ffc.adobeoobe.com:35691 
  • detect.ffc.adobeoobe.com:57921 
  • dpm.demdex.net 
  • dq4p8hz4ypg6l.cloudfront.net 
  • ds.adobe.io 
  • express.adobe.com 
  • express-brand-migration.adobe.io 
  • express-brand-migration.adobe.io 
  • express-search.hz.adobe.com 
  • faster.typekit.net 
  • firefly.adobe.io 
  • firefly-ae.adobe.io 
  • gateway.icloud.com 
  • geo2.adobe.com 
  • gsp64-ssl.ls.apple.com 
  • hbrt.adobe.com
  • hz-ccx-das.adobe.io 
  • hz-telemetry.adobe.io 
  • images-tv.adobe.com 
  • ims-na1.adobelogin.com 
  • ims-prod06.adobelogin.com 
  • invitations.adobe.io 
  • libraries.adobe.io 
  • mesu.apple.com 
  • metrics.icloud.com 
  • mir-s3-cdn-cf.behance.net 
  • new.express.adobe.com 
  • notify.adobe.io 
  • o1383653.ingest.sentry.io 
  • odin.adobe.com 
  • p.typekit.net 
  • p13n.adobe.io 
  • pf-temp-repo-ue1-prod.s3.amazonaws.com
  • pgc.adobe.io 
  • platform-cs.adobe.io 
  • platform-cs-edge.adobe.io
  • platform-cs-edge-va6.adobe.io 
  • platform-cs-edge-va6c2.adobe.io 
  • platform-cs-edge-va7.adobe.io 
  • platform-cs-va6.adobe.io 
  • policy.adobe.io 
  • polka.typekit.com 
  • pps.adobe.io 
  • prod.adobeccstatic.com 
  • public.adobecc.com 
  • s.ftcdn.net
  • schedule.adobe.io 
  • search.adobe.io 
  • search.adobe.io 
  • sensei.adobe.io 
  • senseicore-ue1.adobe.io 
  • sensei-ue1.adobe.io 
  • sensei-va6.adobe.io 
  • server.messaging.adobe.com 
  • spark-content-publish.adobe.io 
  • spark-content-publish.adobe.io 
  • spark-design-variations-v2.adobe.io 
  • ss-prod-ue1-ns.aws.adobess.com 
  • sstats.adobe.com 
  • state.typekit.net 
  • static.thenounproject.com 
  • stock.adobe.io 
  • stock-apex-images-prod-ew1.s3.eu-west-1.amazonaws.com 
  • stocks-data-service.apple.com 
  • t3.ftcdn.net 
  • t4.ftcdn.net 
  • uds.adobe-identity.com 
  • use.typekit.net 
  • v.ftcdn.net 
  • video.tv.adobe.com 
  • weather-data.apple.com 
  • wss://livecreate-*.adobe.io
  • wss://presence-*.adobe.io
  • wss://prod.wam.adobe.com 
  • www.adobe.com
Note:

Adobe uses the Secure Websocket protocol (WSS) over HTTPS for connection with adobe.io. Also, the network proxy should allow the Secure WebSocket negotiation headers that are prefixed with Sec-WebSocket*”.

Non-adobe domains:

  • braze-images.com
  • sdk.iad-01.braze.com
  • cpf-temp-repo-ue1-prod.s3.amazonaws.com

Applies to: After Effects, Dreamweaver, Illustrator, InDesign, Muse, Photoshop, Premiere Pro, Adobe XD

  • *.adobesc.com
  • cc-collab.adobe.io
  • cc-api-cp.adobe.io
  • comments.adobe.io
  • sharedcloud-production*.s3-accelerate.amazonaws.com
  • aep-cs*.s3-accelerate.amazonaws.com
  • aep-cs*.s3.amazonaws.com
  • acpprodva7apollo.blob.core.windows.net/acp-prod-va7-data*
  • platform-cs*.adobe.io
  • acp-*.adobe.io
  • acp-ss-*.adobe.io
  • *.adobess.com
  • ccext.adobecces.com
  • p13n.adobe.io

Applies to: After Effects, Illustrator, InDesign, Photoshop, Premiere Pro, Adobe XD

  • cc-api-storage*.adobe.io
  • assets.adobe.com
  • assets2.adobe.com
  • helpx.adobe.com
  • fonts.adobe.com
  • use.typekit.net
  • adobeexchange.com
  • *.adobesc.com
  • cc-collab.adobe.io
  • adbemdigitalmediarebootprod2.112.2o7.net
  • polka.typekit.com
  • wwwimages2.adobe.com
  • sstats.adobe.com
  • assets.adobedtm.com
  • cdn.tt.omtrdc.net
  • api.demandbase.com
  • *.ftcdn.net
  • *.behance.net
  • dpm.demdex.net
  • cc-api-image.adobe.io/createagc
  • cc-api-image-x.adobe.io/agctosvg
  • platform-cs*.adobe.io
  • acp-*.adobe.io
  • acp-ss-*.adobe.io
  • *.adobess.com
  • invitations.adobe.io
  • public.adobecc.com
  • libraries.adobe.io
  • sharedcloud-production*.s3.amazonaws.com
  • sharedcloud-production*.s3-accelerate.amazonaws.com
  • aep-cs*.s3-accelerate.amazonaws.com
  • aep-cs*.s3.amazonaws.com
Note:

Library Services have a dependency on Adobe Stock Services.

Applies to: After Effects, Illustrator, InDesign, Photoshop, Premiere Pro

  • stock.adobe.com
  •  *.astockcdn.net
  • ims-na1.adobelogin.com
  • adobeid-na1.services.adobe.com
  • cc-api-assets.adobe.io
  • a3.behance.net
  • a5.behance.net
  • api.behance.net
  • adobe.demdex.net
  • sstats.adobe.com
  • dpm.demdex.net
  • assets.adobedtm.com
  • adobe.tt.omtrdc.net
  • as.ftcdn.net
  • as1.ftcdn.net
  • as2.ftcdn.net
  • p.typekit.net
  • use.typekit.net
  • store1.adobe.com
  • adobe.com
  • bam.nr-data.net
  • *.adobe.io
  • *.s3*.amazonaws.com
  • *.ftcdn.net
  • bat.bing.com
  • c.betrad.com
  • c.evidon.com
  • googleads.g.doubleclick.net
  • js-agent.newrelic.com
  • snap.licdn.com
  • www.everestjs.net
  • www.facebook.com
  • www.googleadservices.com
  • www.googletagmanager.com
  • wwwimages2.adobe.com
  • match.prod.bidr.io
  • scripts.demandbase.com
  • cdn.inpwrd.net
  • ct.pinterest.com
  • d9.flashtalking.com
  • pixel.quantserve.com
  • 9212252.fls.doubleclick.net

Applies to: After Effects, Dreamweaver, Illustrator, InDesign, Muse, Photoshop, Premiere Pro

  • fonts.adobe.com
  • api.typekit.com
  • use.edgefonts.net
  • adobetag.com
  • adobe.demdex.net
  • ans.oobesas.adobe.com

Applies to: All

  • api.adobe.io

Applies to: Adobe Audition, Dreamweaver, Flash, Professional, Illustrator, InCopy, InDesign, Lightroom, Muse, Photoshop, Prelude, Premiere Pro

  • adobeexchange.com/api

Applies to: All

Licensing services for desktop applications that use activation services
  • *.licenses.adobe.com
Services used for registering Adobe IDs that are delegated product
  • api-cna01.adobe-services.com
  • supportanyware.adobe.io
Required by Adobe Application Manager
  •  www.adobe.com
The site for IT Staff to administer Adobe Enterprise IDs and Creative Cloud for enterprise entitlements
  • lcs-cops.adobe.io
Required by Adobe Genuine Integrity Service
  • genuine.adobe.com
  • prod.adobegenuine.com
  • gocart-web-prod-*.elb.amazonaws.com
  • na1e.services.adobe.com

Applies to: After Effects, Premiere Pro, Prelude, Adobe Media Encoder

  • adobe.com
  • amazonaws.com
  • adobe.io
  • cc-api-sharedproductions-prerelease.adobe.io
  • cc-api-teamprojects.adobe.io
  • cc-api-teamprojects-ue1.adobe.io
  • cc-api-teamprojects-ew1.adobe.io
  • cc-api-teamprojects-an1.adobe.io
  • docs.aws.amazon.com/general/latest/gr/
  • rande.html#s3_region

Applies to: Premiere Pro

  • adobe.com
  • adobe.io
  • adobe-voice.adobe.io
  • adobe-voice-va7.adobe.io
  • adobe-voice-nld2.adobe.io
  • blob.core.windows.net

Applies to: Photoshop, Behance

  • cai.adobe.io
  • cai-identity.adobe.io
  • policy.adobe.io 
  • cai-msb.adobe.io
  • cai-manifests.adobe.com
  • cai-settings.adobe.io

Applies to: Lightroom

  • oz-prod-masters.s3.us-west-2.amazonaws.com
  • oz-prod-proxies.s3.us-west-2.amazonaws.com
  • oz-prod-proxies-video-1080p.s3.us-west-2.amazonaws.com
  • oz-prod-proxies-video-1080p-bt709.s3.us-west-2.amazonaws.com
  • oz-prod-proxies-video-1080p709.s3.us-west-2.amazonaws.com
  • oz-prod-proxies-video-360p.s3.us-west-2.amazonaws.com
  • oz-prod-proxies-video-fullsize.s3.us-west-2.amazonaws.com
  • revel-prod-us-west-2.s3.us-west-2.amazonaws.com
  • oz-prod-asset-aux.s3.us-west-2.amazonaws.com
  • oz-prod-cr-params.s3.us-west-2.amazonaws.com
  • directstorage.adbephotos.com
  • oz-prod-versions.s3.us-west-2.amazonaws.com

Applies to: Photoshop

  • sensei.adobe.io/services/v2/predict
  • image.adobe.io/sensei/mask
  • image.adobe.io/utils/storage?num=2

Applies to: Photoshop

  • mds-cdn.infra.adobesensei.io
  • senseimds.adobe.io

Creative Cloud services accessed from browsers

Click the required browser-based service to see the list of domains you must allow:

Applies to: All

  • adobe.com
  • assets.adobe.com
  • assets2.adobe.com
  • creative.adobe.com
  • express.adobe.com
  • myportfolio.com
  • api.account.adobe.com
  • firefly-ai.adobe.io
  • firefly-ps.adobe.io
  • firefly.adobe.io
  • splcloud.adobe.io
  • firefly-ae.adobe.io
  • firefly-st.adobe.io
  • firefly-md.adobe.io
  • firefly-prerelease.adobe.io
  • firefly-acs.adobe.io
  • firefly-cliov2.adobe.io
  • firefly-beta.adobe.io
  • firefly-api.adobe.io
  • firefly-balancer.adobe.io
  • firefly-cme-training.adobe.io
  • firefly-cme-inference.adobe.io
  • firefly-clio-imaging.adobe.io
  • firefly-clio-imaging-prerelease.adobe.io
  • firefly-3di.adobe.io
  • aep-cs-blobstore-prod-va6-data.s3.amazonaws.com
  • pre-signed-firefly-prod.s3-accelerate.amazonaws.com
  • cc-api-storage.adobe.io
  • cdn.cp.adobe.io
  • dc-api-v2.adobe.io
  • firefly-ai.adobe.io
  • firefly-ps.adobe.io
  • firefly.adobe.io
  • indd.adobe.com            
  • mds-cdn.infra.adobesensei.io
  • platform-cs-va6-adobe.io
  • sensei-ue1.adobe.io
  • sensei-va6.adobe.io
  • senseicore-ue1.adobe.io
  • senseicore.adobe.io
  • senseimds.adobe.io

Applies toAfter Effects, Illustrator, InDesign, Photoshop, Premiere Pro, Adobe Bridge

  • stock.adobe.com
  •  *.astockcdn.net
  • ims-na1.adobelogin.com
  • adobeid-na1.services.adobe.com
  • cc-api-assets.adobe.io
  • a3.behance.net
  • api.behance.net
  • adobe.demdex.net
  • sstats.adobe.com
  • dpm.demdex.net
  • assets.adobedtm.com
  • adobe.tt.omtrdc.net
  • as.ftcdn.net
  • as1.ftcdn.net
  • as2.ftcdn.net
  • fonts.adobe.com
  • p.typekit.net
  • use.typekit.net
  • store1.adobe.com
  • adobe.com
  • bam.nr-data.net
  • esp.aptrinsic.com
  • *.adobe.io
  • *.s3*.amazonaws.com
  • *.ftcdn.net
  • bat.bing.com
  • c.betrad.com
  • c.evidon.com
  • googleads.g.doubleclick.net
  • js-agent.newrelic.com
  • snap.licdn.com
  • www.everestjs.net
  • www.facebook.com
  • www.googleadservices.com
  • www.googletagmanager.com
  • wwwimages2.adobe.com
  • match.prod.bidr.io
  • scripts.demandbase.com
  • cdn.inpwrd.net
  • ct.pinterest.com
  • d9.flashtalking.com
  • pixel.quantserve.com
  • 9212252.fls.doubleclick.net

Applies to: Creative Cloud Desktop, Illustrator, InDesign, Photoshop

  • prosite.com

Applies to: Premiere Pro, Prelude

  • story.adobe.com

Applies to: Dreamweaver

  • build.phonegap.com

Applies to: Creative Cloud Desktop, After Effects, Dreamweaver, Illustrator, InDesign, Muse, Photoshop, Premiere Pro

  • fonts.adobe.com
  • typekit.com
  • use.typekit.net
  • use.typekit.com
  • p.typekit.net
  • data.typekit.net
  • state.typekit.net
  • polka.typekit.net
  • polka.typekit.com
  • api.typekit.com
  • dnzuu5synxxfk.cloudfront.net
  • afwebcdn.fonts.adobe.com
  • assets.fonts.adobe.com

Applies to: Dreamweaver, Muse

  • businesscatalyst.com

Applies to: InDesign

  • digitalpublishing.acrobat.com

Applies to: Photoshop, Illustrator, InDesign, After Effects, Flash Pro

  • color.adobe.com

To allow access to Frame.io app on the web, or through integrations (such as with Adobe Premiere Pro, After Effects):

*.frame.io

Frame.io Services

*.f.io

frameio-assets.s3.amazonaws.com

Frame.io Uploaded Media & Content

frameio-application-production.s3-accelerate.amazonaws.com

frameio-assets-production.s3-accelerate.amazonaws.com

frameio-uploads-production.s3-accelerate.amazonaws.com

If you're unable to allow *.frame.io, you may individually allow the following:

accounts.frame.io

Authentication Portal

activate.frame.io

tvOS Activation Page

api.frame.io

Frame.io API

app.frame.io

Frame.io Web Application

applications.frame.io

OAuth Apps (3rd-party integrations)

assets.frame.io

Asset CDN URL

drm.frame.io

DRM Proxy Service

developer.frame.io

Developer Site

external-assets.frame.io

External Assets

forensic-support.frame.io

Forensic Watermarking API

picture.frame.io

Dynamic Imaging Service

picture2.frame.io

New Dynamic Imaging Service

playback.frame.io
Video Quality Metrics Service

preview.frame.io

Multipage URL

socket.frame.io

Websocket for Real-time Notifications

sockets.frame.io

Websocket for Real-time Notifications

sso.frame.io

SSO Path

static-assets.frame.io

Static Assets

stream.frame.io

Streaming Service (Watermark/HLS)

stream-x86.frame.io

New Streaming Service

stream-download.frame.io

Streaming Download Service

support.frame.io

Support Site

transferapp.frame.io

Transfer App

translate.frame.io

Comment Export Service

us-east-1.edge.arcade.frame.io Storage Connect Service

 

Consider allowing the following external providers in order to utilize certain functions such as product integrations, in-app support chat, analytics, product tours, and application monitoring:

fast.appcues.com

Product Tours, Announcements, and NPS Surveys

api.appcues.net

my.appcues.com

d24n15hnbwhuhn.cloudfront.net

Cloudfront CDN

google-analytics.com

Analytics Provider

js.intercomcdn.com

In-app Support Chat Provider

widget.intercom.io

static.intercomassets.com

nexus-websocket-a.intercom.io

nexus-websocket-b.intercom.io

checkout.stripe.com

Payment Processing for Retail Plans

js.stripe.com

m.stripe.network

cdn.segment.io

Analytics Provider

api.segment.io

sentry.io

Application Monitoring

vimeo.com

Publish to Vimeo Integration

dropbox.com

Publish to Dropbox Integration

  • adminconsole.adobe.com
  • *.services.adobe.com
  • prod.acp.adobeoobe.com
  • lcs-entitlement.adobe.io/v1/user
  • lcs-entitlement.adobe.io/v1/trial
  • lcs-cops.adobe.io
  • lcs-robs.adobe.io
  • lcs-entitlement.adobe.io
  • lcs-ulecs.adobe.io
  • licensing.adobe.com
  • adobe.com
  • wwwimages.adobe.com
  • store.adobe.com
  • store1.adobe.com
  • store2.adobe.com
  • store3.adobe.com
  • photoshop.com
  • podcast.adobe.com
  • phonos-server.adobe.io
  • wss://phonos-server.adobe.io
  • phonos-recordings-production.s3-accelerate.amazonaws.com
  • phonos-recordings-production.s3.amazonaws.com
  • auth.services.adobe.com
  • p13n.adobe.io
  • cc-api-behance.adobe.io
  • mir-s3-cdn-cf.behance.net
  • cdn.cookielaw.org
  • p.typekit.net
  • use.typekit.net
  • *.kinesisvideo.*.amazonaws.com
  • js-agent.newrelic.com
  • bam.nr-data.net

Third-party domains

These domains can be accessed by one or more of the Creative Cloud creative applications. They are optionally included to complement a user’s experience with Creative Cloud.

  • access.imageclub.com
  • play.google.com
  • www.flickr.com
  • chrome.google.com
  • soundcloud.com
  • www.freedb.org
  • developer.apple.com
  • subversion.tigris.org
  • www.ietf.org
  • framework.zend.com
  • windowsupdate.com
  • digicert.com
  • geotrust.com
  • globalsign.com
  • godaddy.com
  • twitter.com
  • www.microsoft.com
  • ftp.yourdomain.com
  • www.amazon.com
  • www.mp3licensing.com
  • itunes.apple.com
  • www.apple.com
  • www.python.org
  • jquerymobile.com
  • www.color.org
  • omniroot.com
  • symantec.com
  • symcb.com
  • symcd.com
  • www.rulesforuse.org
  • maps.google.com
  • www.eclipse.org
  • www.shutterfly.com
  • msdn.microsoft.com
  • www.facebook.com
  • www.zoomify.com
  • www.evidon.com
  • www.betrad.com
  • *.uservoice.com
  • thawte.com
  • verisign.com
  • api.mapbox.com
  • worldsecuresystems.com
  • adobe-oobe-prod-data-store-ue1.s3.amazonaws.com
  • cc-ext-prod-pkgs.s3.amazonaws.com
  • encoded-videos-0.s3.amazonaws.com
  • fotolia-prod-3dobjects.s3.amazonaws.com
  • fotolia-prod-audios-originals.s3.amazonaws.com
  • fotolia-prod-templates.s3.amazonaws.com
  • fotolia-prod-videos-0.s3.eu-west-1.amazonaws.com
  • fotolia-prod-vectors.s3.eu-west-1.amazonaws.com
  • gocart-web-prod-*.elb.amazonaws.com
  • sharedcloud-production-us-east-1-data-asset.s3.amazonaws.com
  • stock-apex-images-prod-ew1.s3.eu-west-1.amazonaws.com
  • stock-vip-processed-prod-irl1.s3.eu-west-1.amazonaws.com
  • thumbs-0.s3.amazonaws.com
  • tron-prod-customized-user-packages.s3.amazonaws.com
  • videos-0.s3-eu-central-1.amazonaws.com
  • cc-ext-prod-pkgs.s3.amazonaws.com/Extensions/**

Regional domains

Many of the domains listed above use geography-specific aliases or IP addresses. Ensure that your firewall supports aliases.

Also, Adobe services are hosted redundantly across several servers in different regions. These hosts are subject to change for various reasons, such as system load. We do not recommend the use of IP addresses for allowing or blocking access. The IP addresses will likely be incorrect quickly after implementation - potentially within hours. In addition, the IP address information will vary depending on geographical location, and any records used will be incorrect from another location.

Join the conversation

If you have any questions or observations about the topics, concepts, or procedures described in this article, join the discussion.

Join Now

 Adobe

Get help faster and easier

New user?