documentation/content/en/methods/admin/accounts.md

21 KiB

title description menu aliases
admin/accounts API methods Perform moderation actions with accounts.
docs
name parent identifier
admin/accounts methods-admin methods-admin-accounts
/methods/admin/accounts
/api/methods/admin/accounts

View accounts (v1)

GET https://mastodon.example/api/v1/admin/accounts HTTP/1.1

View all accounts, optionally matching certain criteria for filtering, up to 100 at a time. Pagination may be done with the HTTP Link header in the response. See [Paginating through API responses]({{<relref "api/guidelines#pagination">}}) for more information.

Returns: Array of [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:read:accounts
Permissions: Manage Users
Version history:
2.9.1 - added
3.3.0 - added sensitized
4.0.0 - support custom roles and permissions

Request

Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.
Query parameters
local
Boolean. Filter for local accounts?
remote
Boolean. Filter for remote accounts?
active
Boolean. Filter for currently active accounts?
pending
Boolean. Filter for currently pending accounts?
disabled
Boolean. Filter for currently disabled accounts?
silenced
Boolean. Filter for currently silenced accounts?
suspended
Boolean. Filter for currently suspended accounts?
sensitized
Boolean. Filter for accounts force-marked as sensitive?
username
String. Search for the given username
display_name
String. Search for the given display name
by_domain
String. Filter by the given domain
email
String. Lookup a user with this email
ip
String. Lookup users with this IP address
staff
Boolean. Filter for staff accounts?
max_id
String. Return results older than ID.
since_id
String. Return results newer than ID.
min_id
String. Return results immediately newer than ID.
limit
Integer. Maximum number of results to return. Defaults to 100.

Response

200: OK
[
  {
    "id": "108267707882207829",
    "username": "trwnh",
    "domain": null,
    "created_at": "2022-05-08T18:21:56.870Z",
    "email": "trwnh@mastodon.local",
    "ip": {
      "user_id": 2,
      "ip": "192.168.42.1",
      "used_at": "2022-05-08T18:21:56.944Z"
    },
    "role": "user",
    "confirmed": false,
    "suspended": false,
    "silenced": false,
    "disabled": false,
    "approved": true,
    "locale": "en",
    "invite_request": null,
    "ips": [
      {
        "ip": "192.168.42.1",
        "used_at": "2022-05-08T18:21:56.944Z"
      }
    ],
    "account": {
      "id": "108267707882207829",
      "username": "trwnh",
      "acct": "trwnh",
      // ...
    }
  },
  {
    "id": "108267695853695427",
    "username": "admin",
    "domain": null,
    "created_at": "2022-05-08T18:18:53.221Z",
    "email": "admin@mastodon.local",
    "ip": {
      "user_id": 1,
      "ip": "192.168.42.1",
      "used_at": "2022-09-08T16:10:38.621Z"
    },
    "role": "admin",
    "confirmed": true,
    "suspended": false,
    "silenced": false,
    "disabled": false,
    "approved": true,
    "locale": null,
    "invite_request": null,
    "ips": [
      {
        "ip": "192.168.42.1",
        "used_at": "2022-09-08T16:10:38.621Z"
      }
    ],
    "account": {
      "id": "108267695853695427",
      "username": "admin",
      "acct": "admin",
      // ...
    }
  }
]
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}

View accounts (v2)

GET https://mastodon.example/api/v2/admin/accounts HTTP/1.1

View all accounts, optionally matching certain criteria for filtering, up to 100 at a time. Pagination may be done with the HTTP Link header in the response. See [Paginating through API responses]({{<relref "api/guidelines#pagination">}}) for more information.

Returns: Array of [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:read:accounts
Permissions: Manage Users
Version history:
3.5.0 - added
4.0.0 - added role_ids. Support custom roles and permissions

Request

Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.
Query parameters
origin
String. Filter for local or remote accounts.
status
String. Filter for active, pending, disabled, silenced, or suspended accounts.
permissions
String. Filter for accounts with staff permissions (users that can manage reports).
role_ids
String. Filter for users with these roles.
invited_by
String. Lookup users invited by the account with this ID.
username
String. Search for the given username.
display_name
String. Search for the given display name.
by_domain
String. Filter by the given domain.
email
String. Lookup a user with this email.
ip
String. Lookup users with this IP address.
max_id
String. Return results older than ID.
since_id
String. Return results newer than ID.
min_id
String. Return results immediately newer than ID.
limit
Integer. Maximum number of results to return. Defaults to 100.

Response

200: OK
[
  {
    "id": "108267695853695427",
    "username": "admin",
    "domain": null,
    "created_at": "2022-05-08T18:18:53.221Z",
    "email": "admin@mastodon.local",
    "ip": {
      "user_id": 1,
      "ip": "192.168.42.1",
      "used_at": "2022-09-08T16:10:38.621Z"
    },
    "role": {
		"id": 3,
		"name": "Owner",
		"color": "#3584e4",
		"position": 1000,
		"permissions": 1,
		"highlighted": true,
		"created_at": "2022-09-08T22:48:07.983Z",
		"updated_at": "2022-09-09T10:45:13.226Z"
	},
    "confirmed": true,
    "suspended": false,
    "silenced": false,
    "disabled": false,
    "approved": true,
    "locale": null,
    "invite_request": null,
    "ips": [
      {
        "ip": "192.168.42.1",
        "used_at": "2022-09-08T16:10:38.621Z"
      }
    ],
    "account": {
      "id": "108267695853695427",
      "username": "admin",
      "acct": "admin",
      // ...
    }
  }
]
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}

View a specific account

GET https://mastodon.example/api/v1/admin/accounts/:id HTTP/1.1

View admin-level information about the given account.

Returns: [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:read:accounts
Permissions: Manage Users
Version history:
2.9.1 - added
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.

Response

200: OK
{
	"id": "108267695853695427",
	"username": "admin",
	"domain": null,
	"created_at": "2022-05-08T18:18:53.221Z",
	"email": "admin@mastodon.local",
	"ip": {
		"user_id": 1,
		"ip": "192.168.42.1",
		"used_at": "2022-09-08T16:10:38.621Z"
	},
	"role": {
		"id": 3,
		"name": "Owner",
		"color": "",
		"position": 1000,
		"permissions": 1,
		"highlighted": true,
		"created_at": "2022-09-08T22:48:07.983Z",
		"updated_at": "2022-09-08T22:48:07.983Z"
	},
	"confirmed": true,
	"suspended": false,
	"silenced": false,
	"disabled": false,
	"approved": true,
	"locale": null,
	"invite_request": null,
	"ips": [
		{
			"ip": "192.168.42.1",
			"used_at": "2022-09-08T16:10:38.621Z"
		}
	],
	"account": {
		"id": "108267695853695427",
		"username": "admin",
		"acct": "admin",
		// ...
	}
}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}
404: Not found

Account does not exist

{
	"error": "Record not found"
}

Approve a pending account

POST https://mastodon.example/api/v1/admin/accounts/:id/approve HTTP/1.1

Approve the given local account if it is currently pending approval.

Returns: [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:write:accounts
Permissions: Manage Users
Version history:
2.9.1 - added
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.

Response

200: OK

The account is now approved

{
  "id": "108965430868193066",
  "username": "goody",
  "domain": null,
  "created_at": "2022-09-08T23:42:04.731Z",
  // ...
  "approved": true,
  // ...
}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header, or account is currently not pending.

{
  "error": "This action is not allowed"
}
404: Not found

Account does not exist

{
	"error": "Record not found"
}

Reject a pending account

POST https://mastodon.example/api/v1/admin/accounts/:id/reject HTTP/1.1

Reject the given local account if it is currently pending approval.

Returns: [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:write:accounts
Permissions: Manage Users
Version history:
2.9.1 - added
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.

Response

200: OK
{
  "id": "108965436418975594",
  "username": "badguy",
  "domain": null,
  "created_at": "2022-09-08T23:43:29.427Z",
  "email": "badguy@mastodon.local",
  "ip": null,
  "role": {
    "id": -99,
    "name": "",
    "color": "",
    "position": -1,
    "permissions": 65536,
    "highlighted": false,
    "created_at": "2022-09-08T22:48:07.977Z",
    "updated_at": "2022-09-08T22:48:07.977Z"
  },
  "confirmed": true,
  "suspended": false,
  "silenced": false,
  "disabled": false,
  "approved": false,
  "locale": "en",
  "invite_request": "i am going to commit crimes",
  "ips": [],
  "account": {
    "id": "108965436418975594",
    "username": "badguy",
    "acct": "badguy",
    "display_name": "",
    "locked": false,
    "bot": false,
    "discoverable": null,
    "group": false,
    "created_at": "2022-09-08T00:00:00.000Z",
    "note": "",
    "url": "http://mastodon.local/@badguy",
    "avatar": "http://mastodon.local/avatars/original/missing.png",
    "avatar_static": "http://mastodon.local/avatars/original/missing.png",
    "header": "http://mastodon.local/headers/original/missing.png",
    "header_static": "http://mastodon.local/headers/original/missing.png",
    "followers_count": 0,
    "following_count": 0,
    "statuses_count": 0,
    "last_status_at": null,
    "emojis": [],
    "fields": []
  }
}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header, or the account is not currently pending.

{
  "error": "This action is not allowed"
}
404: Not found

Account does not exist

{
  "error": "Record not found"
}

Delete an account

DELETE https://mastodon.example/api/v1/admin/accounts/:id HTTP/1.1

Permanently delete data for a suspended account.

Returns: [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:write:accounts
Permissions: Delete User Data
Version history:
3.3.0 - added
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.

Response

200: OK

The account's data has been deleted.

{
  "id": "108965430868193066",
  "username": "goody",
  "domain": null,
  "created_at": "2022-09-08T23:42:04.731Z",
  "email": "goody@mastodon.local",
  "ip": {
    "user_id": 3,
    "ip": "192.168.42.1",
    "used_at": "2022-09-08T23:42:04.761Z"
  },
  "role": {
    "id": -99,
    "name": "",
    "color": "",
    "position": -1,
    "permissions": 65536,
    "highlighted": false,
    "created_at": "2022-09-08T22:48:07.977Z",
    "updated_at": "2022-09-08T22:48:07.977Z"
  },
  "confirmed": true,
  "suspended": true,
  "silenced": false,
  "disabled": false,
  "approved": true,
  "locale": "en",
  "invite_request": "this is a compelling reason",
  "ips": [
    {
      "ip": "192.168.42.1",
      "used_at": "2022-09-08T23:42:04.761Z"
    }
  ],
  "account": {
    "id": "108965430868193066",
    "username": "goody",
    "acct": "goody",
    "display_name": "",
    "locked": false,
    "bot": false,
    "discoverable": false,
    "group": false,
    "created_at": "2022-09-08T00:00:00.000Z",
    "note": "",
    "url": "http://mastodon.local/@goody",
    "avatar": "http://mastodon.local/avatars/original/missing.png",
    "avatar_static": "http://mastodon.local/avatars/original/missing.png",
    "header": "http://mastodon.local/headers/original/missing.png",
    "header_static": "http://mastodon.local/headers/original/missing.png",
    "followers_count": 0,
    "following_count": 0,
    "statuses_count": 0,
    "last_status_at": null,
    "suspended": true,
    "emojis": [],
    "fields": []
  }
}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header, or account was already deleted.

{
  "error": "This action is not allowed"
}

Perform an action against an account

POST https://mastodon.example/api/v1/admin/accounts/:id/action HTTP/1.1

Perform an action against an account and log this action in the moderation history. Also resolves any open reports against this account.

Returns: empty object
OAuth: User token + admin:write:accounts
Permissions: Manage Users, Manage Reports
Version history:
2.9.1 - added
3.3.0 - add sensitive as a possible type
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.
Form data parameters
type
{{}} String. The type of action to be taken: none, sensitive, disable, silence, or suspend.
report_id
String. The ID of an associated report that caused this action to be taken.
warning_preset_id
String. The ID of a preset warning.
text
String. Additional clarification for why this action was taken.
send_email_notification
Boolean. Should an email be sent to the user with the above information?

Response

200: OK

The action was successfully taken

{}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}
404: Not found

Account or Report with given ID does not exist

{
  "error": "Record not found"
}
422: Server error

type is not provided or is not understood

{
  "error": "Record invalid"
}

Enable a currently disabled account

POST https://mastodon.example/api/v1/admin/accounts/:id/enable HTTP/1.1

Re-enable a local account whose login is currently disabled.

Returns: [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:write:accounts
Permissions: Manage Users
Version history:
2.9.1 - added
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.

Response

200: OK

Account was enabled, or was already enabled.

{
	"id": "108965430868193066",
	"username": "goody",
	"domain": null,
	"created_at": "2022-09-08T23:42:04.731Z",
	// ...
	"disabled": false,
	// ...
}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}
404: Not found

Account does not exist

{
  "error": "Record not found"
}

Unsilence an account

POST https://mastodon.example/api/v1/admin/accounts/:id/unsilence HTTP/1.1

Unsilence an account if it is currently silenced.

Returns: [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:write:accounts
Permissions: Manage Users
Version history:
2.9.1 - added
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.

Response

200: OK

Account was unsilenced, or was already not silenced

{
  "id": "108965430868193066",
  "username": "goody",
  "domain": null,
  "created_at": "2022-09-08T23:42:04.731Z",
  // ...
  "silenced": false,
  // ...
}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}
404: Not found

Account does not exist

{
  "error": "Record not found"
}

Unsuspend an account

POST https://mastodon.example/api/v1/admin/accounts/:id/unsuspend HTTP/1.1

Unsuspend a currently suspended account.

Returns: [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:write:accounts
Permissions: Manage Users
Version history:
2.9.1 - added
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.

Response

200: OK

Account successfully unsuspended

{
  "id": "108965430868193066",
  "username": "goody",
  "domain": null,
  "created_at": "2022-09-08T23:42:04.731Z",
  // ...
  "suspended": false,
  // ...
}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header, or Account is not currently suspended

{
	"error": "This action is not allowed"
}
404: Not found

Account does not exist

{
	"error": "Record not found"
}

Unmark an account as sensitive

POST https://mastodon.example/api/v1/admin/accounts/:id/unsensitive HTTP/1.1

Stops marking an account's posts as sensitive, if it was previously flagged as sensitive.

Returns: [Admin::Account]({{<relref "entities/Admin_Account">}})
OAuth: User token + admin:write:accounts
Permissions: Manage Users
Version history:
3.3.0 - added
4.0.0 - support custom roles and permissions

Request

Path parameters
:id
{{}} String. The ID of the Account in the database.
Headers
Authorization
{{}} Provide this header with Bearer <user token> to gain authorized access to this API method.

Response

200: OK

The account is no longer marked as sensitive, or was already not marked as sensitive.

{
  "id": "108965430868193066",
  "username": "goody",
  "domain": null,
  "created_at": "2022-09-08T23:42:04.731Z",
  // ...
  "sensitized": false,
  // ...
}
403: Forbidden

Authorized user is missing a permission, or invalid or missing Authorization header

{
  "error": "This action is not allowed"
}
404: Not found

Account does not exist

{
	"error": "Record not found"
}

See also

{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/admin/accounts_controller.rb" caption="app/controllers/api/v1/admin/accounts_controller.rb" >}}

{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/admin/account_actions_controller.rb" caption="app/controllers/api/v1/admin/account_actions_controller.rb" >}}