ffbe66a389
* fix relrefs around trends and related entities * revert moving caption-links to middle of page * hide empty menu in table of contents * clarify edit notifs are only for boosted statuses * following/followers no longer need auth * fix typo * specify cooldown period for account Move * use the correct cooldown * add missing parameters to accounts/id/statuses * link to account_statuses_filter.rb * fix typo (#1072) * fix typo (#1073) * fix link to http sig spec (#1067) * simply HTTP request examples in api methods docs * add missing client_secret to oauth/token (#1062) * Add any, all, none to hashtag timeline * minor formatting changes * Update signature requirements and advice * fix public key -> private key * clarify use of RSA with SHA256 * Add note about saving your profile after adding rel-me link * v2 filters api * comment out params that shouldn't be used in v2 filter api * admin trends * remove old todo * canonical email blocks + scheduled statuses * remove under-construction warnings from finished pages * verify api method params with source code * fix typo (#1088) * fix broken caption-links (#1100) * fix formatting of entities (#1094) * Remove keybase section from user guide (#1093) * fix typos (#1092) * Verify limits are accurate (#1086) * add mention of iframe limitation (#1084) * Add CORS header to WEB_DOMAIN example (#1083) * Fix typo (#1081) * pin http sigs spec at draft 8 * Revert "pin http sigs spec at draft 8" This reverts commit 9fd5f7032b69b29e77599dd62adfe8d2f5cd4f20. * add case sensitivity warning to 4.0 roles * Add url length note to bio (#1087) * remove follow scope from examples (#1103) * clarify usage of update_credentials to update profile fields * add noindex to Account entitity * remove required hint from technically not required property
5.4 KiB
| title | description | menu | aliases | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| domain_allows API methods | Allow certain domains to federate. |
|
|
List all allowed domains
GET /api/v1/admin/domain_allows HTTP/1.1
Show information about all allowed domains.
Returns: Array of [Admin::DomainAllow]({{< relref "entities/Admin_DomainAllow" >}})
OAuth: User token + admin:read:domain_allows
Permissions: Manage Federation
Version history:
4.0.0 - added
Request
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Query parameters
- max_id
- Internal parameter. Use HTTP
Linkheader for pagination. - since_id
- Internal parameter. Use HTTP
Linkheader for pagination. - min_id
- Internal parameter. Use HTTP
Linkheader for pagination. - limit
- Integer. Maximum number of results to return. Defaults to 100 allows. Max 200 allows.
Response
200: OK
[
{
"id": "2",
"domain": "mastodon",
"created_at": "2022-09-14T21:24:15.360Z"
},
{
"id": "1",
"domain": "mastodon.social",
"created_at": "2022-09-14T21:23:02.755Z"
}
]
Because DomainAllow IDs are generally not exposed via any API responses, you will have to parse the HTTP Link header to load older or newer results. See [Paginating through API responses]({{<relref "api/guidelines#pagination">}}) for more information.
Link: <http://mastodon.example/api/v1/admin/domain_allows?limit=2&max_id=2>; rel="next", <http://mastodon.example/api/v1/admin/domain_allows?limit=2&since_id=1>; rel="prev"
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
Get a single allowed domain
GET /api/v1/admin/domain_allows/:id HTTP/1.1
Show information about a single allowed domain.
Returns: [Admin::DomainAllow]({{< relref "entities/Admin_DomainAllow" >}})
OAuth: User token + admin:read:domain_allows
Permissions: Manage Federation
Version history:
4.0.0 - added
Path parameters
- :id
- {{}} String. The ID of the DomainAllow in the database.
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Response
200: OK
{
"id": "1",
"domain": "mastodon.social",
"created_at": "2022-09-14T21:23:02.755Z"
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
404: Not found
DomainAllow with the given ID does not exist
{
"error": "Record not found"
}
Allow a domain to federate
POST /api/v1/admin/domain_allows HTTP/1.1
Add a domain to the list of domains allowed to federate, to be used when the instance is in allow-list federation mode.
Returns: [Admin::DomainAllow]({{< relref "entities/Admin_DomainAllow" >}})
OAuth: User token + admin:write:domain_allows
Permissions: Manage Federation
Version history:
4.0.0 - added
Request
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Form data parameters
- domain
- {{}} String. The domain to allow federation with.
Response
200: OK
Domain has been allowed to federate, or was already allowed to federate
{
"id": "1",
"domain": "mastodon.social",
"created_at": "2022-09-14T21:23:02.755Z"
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
422: Unprocessable entity
The domain parameter was not provided or was invalid
{
"error": "Validation failed: Domain can't be blank"
}
Delete an allowed domain
DELETE /api/v1/admin/domain_allows/:id HTTP/1.1
Delete a domain from the allowed domains list.
Returns: [Admin::DomainAllow]({{< relref "entities/Admin_DomainAllow" >}})
OAuth: User token + admin:write:domain_allows
Permissions: Manage Federation
Version history:
4.0.0 - added
Request
Path parameters
- :id
- {{}} String. The ID of the DomainAllow in the database.
Headers
- Authorization
- {{}} Provide this header with
Bearer <user token>to gain authorized access to this API method.
Response
200: OK
The allowed domain has been removed from the allow list
{
"id": "4",
"domain": "*",
"created_at": "2022-09-14T21:32:44.945Z"
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
404: Not found
DomainAllow with the given ID does not exist
{
"error": "Record not found"
}
See also
{{< caption-link url="https://github.com/mastodon/mastodon/blob/main/app/controllers/api/v1/admin/domain_allows_controller.rb" caption="app/controllers/api/v1/admin/domain_allows_controller.rb" >}}