6.8 KiB
| title | description | menu | aliases | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ip_blocks API methods | Disallow certain IP address ranges from signing up. |
|
|
List all IP blocks
GET /api/v1/admin/ip_blocks HTTP/1.1
Show information about all blocked IP ranges.
Returns: Array of [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:read:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Request
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Query parameters
- max_id
- Internal parameter. Use HTTP
Linkheader for pagination. - since_id
- Internal parameter. Use HTTP
Linkheader for pagination. - min_id
- Internal parameter. Use HTTP
Linkheader for pagination. - limit
- Integer. Maximum number of results to return. Defaults to 100 blocks. Max 200 blocks.
Response
200: OK
[
{
"id": "1",
"ip": "8.8.8.8/32",
"severity": "no_access",
"comment": "",
"created_at": "2022-11-16T07:22:00.501Z",
"expires_at": null
},
// ...
]
Because IpBlock IDs are generally not exposed via any API responses, you will have to parse the HTTP Link header to load older or newer results. See [Paginating through API responses]({{<relref "api/guidelines#pagination">}}) for more information.
Link: <http://mastodon.example/api/v1/admin/ip_blocks?limit=2&max_id=2>; rel="next", <http://mastodon.example/api/v1/admin/ip_blocks?limit=2&since_id=1>; rel="prev"
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
Get a single IP block
GET /api/v1/admin/ip_blocks/:id HTTP/1.1
Show information about a single IP block.
Returns: [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:read:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Path parameters
- :id
- {{}} String. The ID of the IpBlock in the database.
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Response
200: OK
{
"id": "1",
"ip": "8.8.8.8/32",
"severity": "no_access",
"comment": "",
"created_at": "2022-11-16T07:22:00.501Z",
"expires_at": null
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
404: Not found
IpBlock with the given ID does not exist
{
"error": "Record not found"
}
Block an IP address range from signing up
POST /api/v1/admin/ip_blocks HTTP/1.1
Add an IP address range to the list of IP blocks.
Returns: [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:write:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Request
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Form data parameters
- ip
- String. The IP address and prefix to block. Defaults to
0.0.0.0/32 - severity
- {{}} String. The policy to apply to this IP range:
sign_up_requires_approval,sign_up_block, orno_access - comment
- String. The reason for this IP block.
- expires_in
- Integer. The number of seconds in which this IP block will expire.
Response
200: OK
IP has been blocked from signups.
{
"id": "1",
"ip": "8.8.8.8/32",
"severity": "no_access",
"comment": "",
"created_at": "2022-11-16T07:22:00.501Z",
"expires_at": null
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
422: Unprocessable entity
IP has already been blocked, and/or no severity was provided
{
"error": "Validation failed: Severity can't be blank, Ip has already been taken"
}
Update a domain block
PUT /api/v1/admin/ip_blocks/:id HTTP/1.1
Change parameters for an existing IP block.
Returns: [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:write:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Request
Path parameters
- :id
- {{}} String. The ID of the IpBlock in the database.
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Form data parameters
- ip
- String. The IP address and prefix to block. Defaults to
0.0.0.0/32 - severity
- String. The policy to apply to this IP range:
sign_up_requires_approval,sign_up_block, orno_access - comment
- String. The reason for this IP block.
- expires_in
- Integer. The number of seconds in which this IP block will expire.
Response
200: OK
IP block has been updated
{
"id": "1",
"ip": "8.8.4.4/32",
"severity": "no_access",
"comment": "",
"created_at": "2022-11-16T07:22:00.501Z",
"expires_at": null
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
Delete an IP block
DELETE /api/v1/admin/ip_blocks/:id HTTP/1.1
Lift a block against an IP range.
Returns: [Admin::IpBlock]({{< relref "entities/Admin_IpBlock" >}})
OAuth: User token + admin:write:domain_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Request
Path parameters
- :id
- {{}} String. The ID of the DomainAllow in the database.
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Response
200: OK
The IP has been removed from the block list
{}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
404: Not found
IpBlock with the given ID does not exist
{
"error": "Record not found"
}
See also
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/admin/ip_blocks_controller.rb" caption="app/controllers/api/v1/admin/ip_blocks_controller.rb" >}}