ip_blocks API methods
Disallow certain IP address ranges from signing up.
Last modified
Edit this page
List all IP blocks
GET /api/v1/admin/ip_blocks HTTP/1.1
Show information about all blocked IP ranges.
Returns: Array of
Admin::IpBlock
OAuth: User token + admin:read:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Request
Headers
- Authorization
- required Provide this header with
Bearer <user token>
to gain authorized access to this API method.
Query parameters
- max_id
- Internal parameter. Use HTTP
Link
header for pagination. - since_id
- Internal parameter. Use HTTP
Link
header for pagination. - min_id
- Internal parameter. Use HTTP
Link
header for pagination. - limit
- Integer. Maximum number of results to return. Defaults to 100 blocks. Max 200 blocks.
Response
200: OK
[
{
"id": "1",
"ip": "8.8.8.8/32",
"severity": "no_access",
"comment": "",
"created_at": "2022-11-16T07:22:00.501Z",
"expires_at": null
},
// ...
]
Because IpBlock IDs are generally not exposed via any API responses, you will have to parse the HTTP Link
header to load older or newer results. See
Paginating through API responses for more information.
Link: <http://mastodon.example/api/v1/admin/ip_blocks?limit=2&max_id=2>; rel="next", <http://mastodon.example/api/v1/admin/ip_blocks?limit=2&since_id=1>; rel="prev"
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
Get a single IP block
GET /api/v1/admin/ip_blocks/:id HTTP/1.1
Show information about a single IP block.
Returns:
Admin::IpBlock
OAuth: User token + admin:read:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Path parameters
- :id
- required String. The ID of the IpBlock in the database.
Headers
- Authorization
- required Provide this header with
Bearer <user token>
to gain authorized access to this API method.
Response
200: OK
{
"id": "1",
"ip": "8.8.8.8/32",
"severity": "no_access",
"comment": "",
"created_at": "2022-11-16T07:22:00.501Z",
"expires_at": null
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
404: Not found
IpBlock with the given ID does not exist
{
"error": "Record not found"
}
Block an IP address range from signing up
POST /api/v1/admin/ip_blocks HTTP/1.1
Add an IP address range to the list of IP blocks.
Returns:
Admin::IpBlock
OAuth: User token + admin:write:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Request
Headers
- Authorization
- required Provide this header with
Bearer <user token>
to gain authorized access to this API method.
Form data parameters
- ip
- String. The IP address and prefix to block. Defaults to
0.0.0.0/32
- severity
- required String. The policy to apply to this IP range:
sign_up_requires_approval
,sign_up_block
, orno_access
- comment
- String. The reason for this IP block.
- expires_in
- Integer. The number of seconds in which this IP block will expire.
Response
200: OK
IP has been blocked from signups.
{
"id": "1",
"ip": "8.8.8.8/32",
"severity": "no_access",
"comment": "",
"created_at": "2022-11-16T07:22:00.501Z",
"expires_at": null
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
422: Unprocessable entity
IP has already been blocked, and/or no severity was provided
{
"error": "Validation failed: Severity can't be blank, Ip has already been taken"
}
Update a domain block
PUT /api/v1/admin/ip_blocks/:id HTTP/1.1
Change parameters for an existing IP block.
Returns:
Admin::IpBlock
OAuth: User token + admin:write:ip_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Request
Path parameters
- :id
- required String. The ID of the IpBlock in the database.
Headers
- Authorization
- required Provide this header with
Bearer <user token>
to gain authorized access to this API method.
Form data parameters
- ip
- String. The IP address and prefix to block. Defaults to
0.0.0.0/32
- severity
- String. The policy to apply to this IP range:
sign_up_requires_approval
,sign_up_block
, orno_access
- comment
- String. The reason for this IP block.
- expires_in
- Integer. The number of seconds in which this IP block will expire.
Response
200: OK
IP block has been updated
{
"id": "1",
"ip": "8.8.4.4/32",
"severity": "no_access",
"comment": "",
"created_at": "2022-11-16T07:22:00.501Z",
"expires_at": null
}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
Delete an IP block
DELETE /api/v1/admin/ip_blocks/:id HTTP/1.1
Lift a block against an IP range.
Returns:
Admin::IpBlock
OAuth: User token + admin:write:domain_blocks
Permissions: Manage Blocks
Version history:
4.0.0 - added
Request
Path parameters
- :id
- required String. The ID of the DomainAllow in the database.
Headers
- Authorization
- required Provide this header with
Bearer <user token>
to gain authorized access to this API method.
Response
200: OK
The IP has been removed from the block list
{}
403: Forbidden
Authorized user is not allowed to perform this action, or invalid or missing Authorization header
{
"error": "This action is not allowed"
}
404: Not found
IpBlock with the given ID does not exist
{
"error": "Record not found"
}