zelo72/documentation
1
0
Fork 0
mirror of https://github.com/mastodon/documentation synced 2025-04-11 22:56:17 +02:00
Code Issues 6 Releases Wiki Activity
documentation/content/en/methods/admin/ip_blocks.md
Emelia Smith cb3aa4de10
Document new OAuth changes for 4.3.0 (#1445) 
* Improve deprecation messaging for Application#vapid_key

* Format JSON examples in Instance methods

* Remove vapid_key from Apps API examples, since this property is deprecated on Application entity

* Add documentation for new OAuth 2.0 features added in 4.3.0

* Improve documentation for oauth-scopes

* Update content/en/api/oauth-scopes.md

Co-authored-by: Matt Jankowski <matt@jankowski.online>

* Update content/en/api/oauth-scopes.md

Co-authored-by: Matt Jankowski <matt@jankowski.online>

* Update content/en/api/oauth-scopes.md

Co-authored-by: Matt Jankowski <matt@jankowski.online>

* Update content/en/api/oauth-scopes.md

Co-authored-by: Matt Jankowski <matt@jankowski.online>

* Add deprecated and removed shortcode labels

* Use deprecated and removed shortcodes

* Improve OAuth documentation

* More OAuth documentation improvements

* Correct streaming API documentation after 4.2.0 changes

* Add note about improved Push Subscription API validation in 4.3.0

* Fix inconsistent OAuth label formatting

* Add note that there is a relationship between Accounts and the Application used to create them

* Add note that application registration endpoint also supports JSON bodies

* Be consistent in the formatting of placeholder values for Bearer tokens

* code review changes

* Slight changes in wording

* Add documentation for PKCE

* Removal of crypto oauth scope

* Cross-link authorization's scope with the OAuth Scopes documentation

* Update content/en/methods/oauth.md

* Update content/en/api/oauth-scopes.md

---------

Co-authored-by: Matt Jankowski <matt@jankowski.online>
Co-authored-by: David Roetzel <david@roetzel.de>
2024-10-10 14:44:19 +02:00

6.8 KiB
Raw Permalink Blame History

title description menu aliases
ip_blocks API methods Disallow certain IP address ranges from signing up.
docs
name parent identifier
ip_blocks methods-admin methods-admin-ip_blocks
/methods/admin/domain_blocks
/api/methods/admin/domain_blocks

List all IP blocks

GET /api/v1/admin/ip_blocks HTTP/1.1

Show information about all blocked IP ranges.

Returns: Array of [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:read:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added

Request

Headers
Authorization
{{}} Provide this header with Bearer <user_token> to gain authorized access to this API method.
Query parameters
max_id
Internal parameter. Use HTTP Link header for pagination.
since_id
Internal parameter. Use HTTP Link header for pagination.
min_id
Internal parameter. Use HTTP Link header for pagination.
limit
Integer. Maximum number of results to return. Defaults to 100 blocks. Max 200 blocks.

Response

200: OK
[
  {
    "id": "1",
    "ip": "8.8.8.8/32",
    "severity": "no_access",
    "comment": "",
    "created_at": "2022-11-16T07:22:00.501Z",
    "expires_at": null
  },
  // ...
]

Because IpBlock IDs are generally not exposed via any API responses, you will have to parse the HTTP Link header to load older or newer results. See [Paginating through API responses]({{<relref "api/guidelines#pagination">}}) for more information.

Link: <http://mastodon.example/api/v1/admin/ip_blocks?limit=2&max_id=2>; rel="next", <http://mastodon.example/api/v1/admin/ip_blocks?limit=2&since_id=1>; rel="prev"
403: Forbidden

Authorized user is not allowed to perform this action, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}

Get a single IP block

GET /api/v1/admin/ip_blocks/:id HTTP/1.1

Show information about a single IP block.

Returns: [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:read:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added

Path parameters
:id
{{}} String. The ID of the IpBlock in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user_token> to gain authorized access to this API method.

Response

200: OK
{
  "id": "1",
  "ip": "8.8.8.8/32",
  "severity": "no_access",
  "comment": "",
  "created_at": "2022-11-16T07:22:00.501Z",
  "expires_at": null
}
403: Forbidden

Authorized user is not allowed to perform this action, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}
404: Not found

IpBlock with the given ID does not exist

{
	"error": "Record not found"
}

Block an IP address range from signing up

POST /api/v1/admin/ip_blocks HTTP/1.1

Add an IP address range to the list of IP blocks.

Returns: [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:write:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added

Request

Headers
Authorization
{{}} Provide this header with Bearer <user_token> to gain authorized access to this API method.
Form data parameters
ip
String. The IP address and prefix to block. Defaults to 0.0.0.0/32
severity
{{}} String. The policy to apply to this IP range: sign_up_requires_approval, sign_up_block, or no_access
comment
String. The reason for this IP block.
expires_in
Integer. The number of seconds in which this IP block will expire.

Response

200: OK

IP has been blocked from signups.

{
  "id": "1",
  "ip": "8.8.8.8/32",
  "severity": "no_access",
  "comment": "",
  "created_at": "2022-11-16T07:22:00.501Z",
  "expires_at": null
}
403: Forbidden

Authorized user is not allowed to perform this action, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}
422: Unprocessable entity

IP has already been blocked, and/or no severity was provided

{
  "error": "Validation failed: Severity can't be blank, Ip has already been taken"
}

Update a domain block

PUT /api/v1/admin/ip_blocks/:id HTTP/1.1

Change parameters for an existing IP block.

Returns: [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:write:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added

Request

Path parameters
:id
{{}} String. The ID of the IpBlock in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user_token> to gain authorized access to this API method.
Form data parameters
ip
String. The IP address and prefix to block. Defaults to 0.0.0.0/32
severity
String. The policy to apply to this IP range: sign_up_requires_approval, sign_up_block, or no_access
comment
String. The reason for this IP block.
expires_in
Integer. The number of seconds in which this IP block will expire.

Response

200: OK

IP block has been updated

{
  "id": "1",
  "ip": "8.8.4.4/32",
  "severity": "no_access",
  "comment": "",
  "created_at": "2022-11-16T07:22:00.501Z",
  "expires_at": null
}
403: Forbidden

Authorized user is not allowed to perform this action, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}

Delete an IP block

DELETE /api/v1/admin/ip_blocks/:id HTTP/1.1

Lift a block against an IP range.

Returns: [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:write:domain_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added

Request

Path parameters
:id
{{}} String. The ID of the DomainAllow in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user_token> to gain authorized access to this API method.

Response

200: OK

The IP has been removed from the block list

{}
403: Forbidden

Authorized user is not allowed to perform this action, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}
404: Not found

IpBlock with the given ID does not exist

{
	"error": "Record not found"
}

See also

{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/admin/ip_blocks_controller.rb" caption="app/controllers/api/v1/admin/ip_blocks_controller.rb" >}}