Get Static IPs
API to retrieve the primary and optional secondary static IP addresses registered for your user account (static IPs are managed at user level). The same registration applies regardless of which OAuth client issued your token.
When static-IP enforcement applies to order placement, requests from unregistered IPs may fail. For My Apps UI steps and platform rules, see the My Apps guide.
Registered addresses are returned in standard IPv4 or IPv6 notation.
Request
curl --location 'https://api.upstox.com/v2/user/ip' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {your_access_token}'
For additional samples in various languages, please refer to the Sample code section on this page.
Responses
- 200
- 4XX
Response Body
{
"status": "success",
"data": {
"user_id": "858644",
"primary_ip": "122.181.101.247",
"secondary_ip": "128.1.1.2",
"primary_ip_updated_at": "2026-04-03 17:17:50",
"secondary_ip_updated_at": "2026-04-03 17:17:50"
}
}
| Name | Type | Description |
|---|---|---|
| status | string | Outcome of the request. Typically success for successful operations. |
| data | object | User-level static IP configuration for the authenticated account. |
| data.user_id | string | Upstox user_id for the authenticated account. |
| data.primary_ip | string | Registered primary static IP (IPv4 or IPv6, standard notation) from which API order traffic must originate once enforcement is active. |
| data.secondary_ip | string | Registered secondary static IP (IPv4 or IPv6, standard notation) for backup or failover, if configured. May be omitted or null if never set. |
| data.primary_ip_updated_at | string | Timestamp when the primary IP was last updated (server time). |
| data.secondary_ip_updated_at | string | Timestamp when the secondary IP was last updated, if configured. May be omitted or null if never set. |
Error codes
| Error code | Description |
|---|---|
| UDAPI1179 | You are not allowed to access this app. - Returned when the authenticated user or token is not permitted to read static IP configuration for this account. |
| UDAPI1180 | App is inactive. - The OAuth client (API app) used for this token is inactive; activate it before calling this API. |
| UDAPI1181 | Static IP configuration is not available for this application type. - Static IP registration is not enabled for this client or account type. |
Invalid or expired access tokens and other gateway-level failures follow the standard API error format. Check the errors array for message, error_code, and related fields.
Sample Code
Get static IPs for the authenticated user
- Python
- Node.js
- Java
- PHP
import requests
url = 'https://api.upstox.com/v2/user/ip'
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {your_access_token}'
}
response = requests.get(url, headers=headers)
print(response.text)
const axios = require('axios');
const url = 'https://api.upstox.com/v2/user/ip';
const headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {your_access_token}'
};
axios.get(url, { headers })
.then(response => {
console.log(response.data);
})
.catch(error => {
console.error(error.response?.data || error);
});
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
public class Main {
public static void main(String[] args) {
try {
String url = "https://api.upstox.com/v2/user/ip";
HttpClient httpClient = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create(url))
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {your_access_token}")
.GET()
.build();
HttpResponse<String> response = httpClient.send(request, HttpResponse.BodyHandlers.ofString());
System.out.println("Response Code: " + response.statusCode());
System.out.println("Response: " + response.body());
} catch (Exception e) {
e.printStackTrace();
}
}
}
<?php
$url = 'https://api.upstox.com/v2/user/ip';
$headers = array(
'Content-Type: application/json',
'Accept: application/json',
'Authorization: Bearer {your_access_token}'
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
echo "Response Code: " . $httpCode . PHP_EOL;
echo "Response: " . $response . PHP_EOL;
?>
Loading...