Many thanks for the prompt and comprehensive response!

In this case the local IT is (obviously) very strict with allowing outbound traffic. They are willing to make an exception if they now the exact IP's where the SEAL wants to connect to. Could you share the information of the server IP's where SEAL application wants to communicate before and during the Login process?

Thanks for your support!

As of today, SEAL requires internet access during the login process, and unfortunately, we cannot provide a list of specific IP addresses. The authentication is handled through Schneider Electric’s global login infrastructure (IDMS/PingID), which uses distributed services that may resolve to different IPs depending on location and network conditions.

What you're trying to achieve—running SEAL in a closed environment with tightly controlled outbound traffic—is not currently supported. We understand the need and are actively looking into solutions for such scenarios in future releases, but for now, temporary internet access with port 443 open is required, and we cannot define an IP-level whitelist.