This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(243.2, 28.000000000000004%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECV%3C/text%3E%3C/svg%3E)
We are using Windows Notification Service (WNS), and I noticed the following FQDNs listed under IdentityServiceDNS in the latest XML configuration file:
login.microsoftonline.comlogin.live.comGiven that our environment does not use Microsoft services like O365, I’d like to clarify:
*.notify.windows.com, *.wns.windows.com, and *.notify.live.net), or is full whitelisting required for proper WNS functionality?We are using Windows Notification Service (WNS), and I noticed the following FQDNs listed under IdentityServiceDNS in the latest XML configuration file:
login.microsoftonline.comlogin.live.com
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 92%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERL%3C/text%3E%3C/svg%3E)
Hope you've been well. Any updates about this issue?
Besides, please kindly note that the tag system has changed in Microsoft Q&A now. You could select Windows tag and then select Windows APP SDK child tag for Windows app SDK or WinUI3 questions.
Hello,
Welcome to Microsoft Q&A!
Are these FQDNs strictly necessary for WNS notifications, even for environments without Microsoft services?
These FQDNs are necessary for WNS notifications. For example, the login.live.com is used for authenticating your cloud service. It is the very first step of the WNS process.
If so, what functionality would be impacted if we do not whitelist these domains?
You will fail to authenticate the WNS and the WNS will not work.
Can we limit whitelisting to just the top three FQDNs (*.notify.windows.com, *.wns.windows.com, and *.notify.live.net), or is full whitelisting required for proper WNS functionality?
Please follow the document and make sure all the FQDNs are whitelisted.
Thank you.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.