Studio - Data Source Requests Generating 403 Responses

Incident Report for Movable Ink

Postmortem

Incident Summary

Between the hours of 3 PM EST on Tuesday January 6th, 2026 and 11 AM EST on Wednesday January 7th, 2026, some data source requests out of the US West datacenter did not utilize the IP addresses on our published allowlist of IP addresses.

The event was triggered by the reversion of a service deployment to the US west coast data center in coordination with a new architecture being released. The reverted service also lacked a configured identifier. This resulted in the monitoring service, which is in place to verify that requests egress from the Allow List IP addresses, being rendered ineffective.

Resolution

The new service version was successfully deployed at 11 AM EST on January 7th, 2026. This new version utilizes a new architecture which improves the internal authorization mechanism and included proper configuration to restore normal operation for the Allow List IP address monitoring system.

Corrective Actions

  • Implemented an additional alert to identify if the monitoring tool has been disabled
  • The new architecture has been deployed to more efficiently and accurately support the use of Allowlist IP addresses.
Posted Jan 08, 2026 - 18:33 EST

Resolved

Between the hours of 3 PM EST on Tuesday January 6th, 2026 and 11 AM EST on Wednesday January 7th, 2026, some data source requests out of the US West datacenter did not utilize the IP addresses on our published allowlist of IP addresses. This presented as unauthorized requests to clients using IP allowlisting, and a 403 response code in our platform.

This has since been resolved. Please reach out to the Technical Support team if you continue to see this issue or have additional questions. A post-mortem will follow shortly.
Posted Jan 06, 2026 - 15:00 EST
Current Status Powered by Atlassian Statuspage