Documentation Journey Optimizer Journey Optimizer Guide

Set up an allowed list allow-list

Last update: Mon Mar 16 2026 00:00:00 GMT+0000 (Coordinated Universal Time)

Topics:
Deliverability

CREATED FOR:

Intermediate
Admin

The allowed list is a sending-safe list you can define at the sandbox level. It restricts email sending to specific addresses or domains, ensuring that only explicitly listed recipients can receive messages from a given sandbox.

CAUTION

This feature only applies to the email channel. It is available on production and non-production sandboxes.

On non-production sandboxes, where accidental sends can occur, the allowed list prevents unwanted messages from reaching real customer addresses, providing a secure environment for testing purposes.

When the allowed list is active but empty, no emails are sent. This makes it a useful emergency brake: if a critical issue arises, you can activate an empty allowed list to halt all outgoing communications from Journey Optimizer until the problem is resolved. Learn more about the allowed list logic.

You can also use the Journey Optimizer Suppression REST API to manage outgoing messages programmatically through suppression and allow lists. Learn how to work with the Suppression REST API

Access the allowed list access-allowed-list

To access the detailed list of allowed email addresses and domains, go to Administration > Channels > Email settings, and select Allowed list.

Allowed list page showing the list of allowed email addresses and domains

CAUTION

Permissions to view, export and manage the allowed list are restricted to Journey Administrators. Learn more about managing Journey Optimizer users’ access rights in this section.

To export the allowed list as a CSV file, select the Download CSV button.

Use the Delete button to permanently remove an entry.

You can search on the email addresses or domains, and filter on the Address type. Once selected, you can clear the filter displayed on top of the list.

Allowed list filtered by address type

Activate the allowed list enable-allow-list

To activate the allowed list, follow the steps below.

Access the Channels > Email configuration > Allow list menu.
Select the toggle button.

Select Activate allowed list. The allowed list is now active.

Confirmation that the allowed list is now active

note note
NOTE
After activation, there is a 10-minute delay before the allowed list takes effect in journeys and campaigns. Updates to both the allowed list and suppression list can also take up to 10 minutes to reflect. When active, the allowed list is enforced not only in live journeys, but also when testing messages with proofs and journeys in test mode.

The allowed list logic applies when the feature is active. Learn more in this section.

Deactivate the allowed list deactivate-allow-list

To deactivate the allowed list, follow the steps below.

Access the Channels > Email configuration > Allow list menu.
Select the toggle button.

Select Deactivate allowed list. The allowed list is no longer active.

Confirmation that the allowed list is now inactive

note note
NOTE
After you deactivate the allowed list, there is a 10-minute delay before it takes effect in your journeys and campaigns. Similarly, updates to both the allowed list and suppression list can take up to 10 minutes to reflect.

The allowed list logic does not apply when the feature is deactivated. Learn more in this section.

Add entities to the allowed list add-entities

To add new email addresses or domains to the allowed list for a specific sandbox, you can either manually populate the list, or use an API call.

NOTE

The allowed list can contain up to 1,000 entries.

Manually populate the allowed list manually-populate-list

You can manually populate the Journey Optimizer allowed list by adding an email address or a domain through the user interface.

NOTE

You can only add one email address or domain at a time.

To do this, follow the steps below.

Select the Add email or domain button.
Choose the address type: Email address or Domain address.

Enter the email address or domain you want to send emails to.

note note
NOTE
Make sure you enter a valid email address (such as abc@company.com) or domain (such as abc.company.com).

Specify a reason if needed.

Form to add an email address or domain to the allowed list, with an optional reason field

note note
NOTE
All ASCII characters in the range 32 to 126 are allowed in the Reason field. The full list can be found on this page for example.

Click Submit.

Add entities using an API call api-call-allowed-list

To populate the allowed list, you can also call the suppression API with the ALLOWED value for the listType attribute. For example:

Example API call to add an entry to the allowed list using the suppression API

You can perform the Add, Delete and Get operations.

Learn more about making API calls in the Adobe Experience Platform APIs reference documentation.

Download the allowed list download-allowed-list

To export the allowed list as a CSV file, follow the steps below:

Select the Download CSV button.

Wait until the file is generated.

Notification indicating the CSV file is being generated

note note
NOTE
Download time depends on the file size, meaning the number of addresses that are on the allowed list.
One download request can be processed at a time for a given sandbox.

Once the file is generated, you receive a notification. Click the bell icon on top right of the screen to display it.

Click the notification itself to download the file.

Notification with a download link for the generated CSV file

note note
NOTE
The link is valid for 24 hours.

Allowed list logic logic

When the allowed list is active, the following logic applies:

If the allowed list is empty, no email will be sent out.
If an entity is on the allowed list, and not on the suppression list, the email is sent to the corresponding recipient(s). However, if the entity is also on the suppression list, the corresponding recipient(s) will not receive the email, the reason being Suppressed.
If an entity is not on the allowed list (and not on the suppression list), the corresponding recipient(s) will not receive the email, the reason being Not allowed.

NOTE

The profiles with Not allowed status are excluded during the message sending process. Therefore, while the Journey reports will show these profiles as having moved through the journey (Read Audience and message activities), the Email reports will not include them in the Sent metrics as they are filtered out prior to email sending.

Learn more about the Live Report and Customer Journey Analytics report.

When the allowed list is deactivated, all the emails that you are sending from the current sandbox are sent out to all recipients (provided they are not on the suppression list), including real customer addresses.

Exclusion reporting reporting

When the allowed list is active, you can retrieve email addresses or domains that were excluded from a sending because they were not on the allowed list. To do this, you can use the Adobe Experience Platform Query Service to make the API calls below.

To get the number of emails that were not sent because the recipients were not on the allowed list, use the following query:

SELECT count(distinct _id) from cjm_message_feedback_event_dataset WHERE
_experience.customerJourneyManagement.messageExecution.messageExecutionID = '<MESSAGE_EXECUTION_ID>' AND
_experience.customerJourneyManagement.messageDeliveryfeedback.feedbackStatus = 'exclude' AND
_experience.customerJourneyManagement.messageDeliveryfeedback.messageExclusion.reason = 'EmailNotAllowed'

To get the list of email addresses that were not sent because the recipients were not on the allowed list, use the following query:

SELECT distinct(_experience.customerJourneyManagement.emailChannelContext.address) from cjm_message_feedback_event_dataset WHERE
_experience.customerJourneyManagement.messageExecution.messageExecutionID IS NOT NULL AND
_experience.customerJourneyManagement.messageDeliveryfeedback.feedbackStatus = 'exclude' AND
_experience.customerJourneyManagement.messageDeliveryfeedback.messageExclusion.reason = 'EmailNotAllowed'

recommendation-more-help

b22c9c5d-9208-48f4-b874-1cefb8df4d76