Overview
To ensure uStudio works reliably within your organization, your IT team must allow (whitelist) specific domains and services on your network.
Without proper whitelisting, users may experience:
- Issues loading audio, video, or live streams
- Login or authentication failures
- Broken or inaccessible content links
- Missing email notifications (invites, new content, digests)
This is typically a one-time setup handled by your IT team.
uStudio Domains
To enable core platform functionality, have your network or security team whitelist the following:
- ustudio.com or *.ustudio.com
- *.ustudiopages.com
- ustudioinc.auth0.com:443 (authentication)
- reports.crashlytics.com (support & diagnostics)
- app-measurement.com (support & diagnostics)
- e.crashlytics.com (support & diagnostics)
- settings.crashlytics.com (support & diagnostics)
If these are not allowed, the platform will not function correctly.
Advanced configuration (for restricted environments)
Some organizations prefer to whitelist only specific services instead of allowing all subdomains. If that applies to your environment, use the endpoint list below.
| Domain | Purpose |
| app.ustudio.com | Hub: admin tool for managing players |
| podcast-admin.ustudio.com | Management console: admin tool for managing podcasts |
| podcast-web.ustudio.com | Web app for audience content consumption |
| podcast-api.ustudio.com:443 | Core podcast API the platform is built on |
| podcast-configurations.ustudio.com:443 | Podcast configuration endpoint |
| progressive-cdn.ustudio.com | Progressive content delivery |
| secure-progressive-cdn.ustudio.com:443 | Secured progressive content delivery |
| adaptive-cdn.ustudio.com | Adaptive content delivery |
| live-streaming.ustudio.com | Live streaming endpoint |
| secure-live-streaming.ustudio.com:443 | Secured live streaming endpoint |
| live-events-app.ustudio.com | Podcast Live endpoint |
| rtmp-ingest-a.ustudio.com / rtmp-ingest-b.ustudio.com (ports 1935 or 443 for RTMPS) | Live streaming ingest endpoints |
| auth.ustudio.com:443 | Player SSO authentication |
| player-sso.ustudio.com | SSO player endpoint |
| ustudioinc.auth0.com:443 | Audience authentication |
| upload-app-01 through upload-app-24.ustudio.com | Content upload buckets |
| sftp.ustudio.com:22 | Optional SFTP content upload |
| poster-images.ustudio.com:443 | Content artwork |
| stats.ustudio.com | Analytics ingest |
| metadata-file-fields.ustudio.com | Platform metadata file fields |
| embed.ustudio.com | Platform embeds |
| authorized-embed.ustudio.com | Secured platform embeds |
| player-resources.ustudio.com:443 | Player resources |
| player-themes.ustudio.com | Player themes |
| playground.ustudio.com | Player editor |
| static.ustudio.com | Static resources |
| o1.app-mail.ustudio.com (IP: 198.37.150.35) | Email notifications |
Content Embedding
To embed uStudio content into your intranet or website, your site administrator must allow:
- player-sso.ustudio.com
- authorized-embed.ustudio.com
- embed.ustudio.com
If these are blocked, embedded players will not load.
Email & Link Security Configuration
To ensure uStudio emails and content links work properly, your email or security IT team should account for email and security tools that rewrite, scan, or proxy URLs (e.g., Proofpoint, Microsoft Safe Links, Mimecast, Bitly). These tools can modify links in ways that lead to a degraded user experience—for example, directing users to download the app even if it’s already installed.
Required actions:
- Allow link domain: companycode.podcast-links.ustudio.com:443 (replace with your company code)
- Allow email sending:
- From address: noreply@ustudio.com
- Sender domain: o1.app-mail.ustudio.com
- Sender IP: 198.37.150.35
- Test these emails and links by following this guide.
This ensures users receive notifications (invites, new episodes, digests) and can successfully access content links within those emails.
Admin Access
Admins manage content and users across both the uStudio Management Console (podcast-admin.ustudio.com) and the Hub (app.ustudio.com). To ensure seamless access and onboarding, your IT team should allow the required domains and email invitations.
Required actions:
- Allow access to:
- podcast-admin.ustudio.com
- app.ustudio.com
- Allow admin invitation email:
- From: notifications@ustudio.com
- Subject: You're invited to become a uStudio Administrator
This ensures admins can receive their invitation and successfully access both platforms to manage content and audiences.
Audience Access
For end users accessing uStudio, whitelist ustudioinc.auth0.com:443.
If your organization does not use Single Sign-On (SSO), also allow:
- Invitation email
- From: noreply@ustudio.com
- Subject: You have been invited to [Your Podcast Name]
- Email verification
- From: [Your Podcast Name] <noreply@ustudio.com>
Subject: Verify your email
