Using private network endpoints

Private endpoint format

The private endpoint URL uses the following format:

api.private.<region>.watson-orchestrate.cloud.ibm.com

Replace <region> with your IBM Cloud region. For example,

api.private.eu-de.watson-orchestrate.cloud.ibm.com

These endpoints are supported in all IBM Cloud regions where watsonx Orchestrate is deployed.

Benefits of using private endpoints

Using private network endpoints provides several benefits:

• Enhanced security: Keeps traffic within IBM Cloud private network, avoiding exposure to the public internet.

• Data isolation: Ensures better compliance and governance by maintaining private routing.

• Simplified access: No need for VPN setup to connect securely to your watsonx Orchestrate instance.

• Consistent network performance: Reduces latency that is associated with public internet routes.

Before you begin

Before you can use private network endpoints, your IBM Cloud account must be configured for private connectivity by enabling the following features:

• Virtual Routing and Forwarding (VRF) : Provides a private address space for your IBM Cloud account.

• Service endpoints : Allow your services to communicate over the private IBM Cloud network.

To enable these features, follow the steps in Enabling VRF and service endpoints.

Accessing your private endpoint URL

After private endpoints are enabled for your account and region, you can view your service’s private endpoint URL by navigating to your service instance in the IBM Cloud console.

The private endpoint URL follows this format:

https://api.private.<region>.watson-orchestrate.cloud.ibm.com

You can use this endpoint in your integrations or API clients to ensure that all traffic remains within the IBM Cloud private network.

For more information on enabling and managing private endpoints, see Public and private network endpoints in the IBM Cloud documentation.