Using Ipregistry you can filter origins, and control what API key is allowed to call the Ipregistry API from the client-side (i.e. your users’ browser). That’s really convenient to prevent unwanted usage of your API key from other websites.

A recurring use case we heard about is to accept any request that comes from subdomains of a given domain name but block other domains.

Let’s say you are a SaaS provider and you host customer resources on a subdomain of a shared domain. For instance customer1.acme.com, customer2.acme.com, etc., and on these pages you are calling the Ipregistry API. Then, instead of allowing each subdomain individually, you can now express the same need using a wildcard, depicted by the * character.

Before: