Appreciate the call today. As I mentioned, in order to use the IP whitelisting features, you must use $request methods in server.js. Requests sent using any other 3rd party HTTP client will go through, but won’t originate from the whitelist IPs mentioned. Additionally, you must set staticIp: true in the options (second argument) to $request.* calls.
Once you have tried this, and if that still doesn’t send the request through the static IPs mentioned above, please drop me a DM with details mentioned below:
what IPs are the calls coming from?
how are you confirming that the calls are coming from a different IP? (You mentioned this briefly in the call. Pinging Freshworks infra, or looking up the IPs of endpoints won’t give the same result. However, if you try sending a HTTP request from server.js using $request.* with staticIP: true, in a Custom App, you can try reading the logs from the request endpoint if you have access to them.)
which region is the client’s Freshservice account in?