Profile

Grants List

get
https://api.linode.com/v4/profile/grants

This returns a GrantsResponse describing what the acting User has been granted access to. For unrestricted users, this will return a 204 and no body because unrestricted users have access to everything without grants. This will not return information about entities you do not have access to. This endpoint is useful when writing third-party OAuth applications to see what options you should present to the acting User.

For example, if they do not have global.add_linodes, you might not display a button to deploy a new Linode.

Any client may access this endpoint; no OAuth scopes are required.

Request Samples

curl -H "Authorization: Bearer $TOKEN" \
    https://api.linode.com/v4/profile/grants

Response Samples

{
  "global": {
    "add_linodes": true,
    "add_longview": true,
    "longview_subscription": true,
    "account_access": "read_only",
    "cancel_account": false,
    "add_domains": true,
    "add_stackscripts": true,
    "add_nodebalancers": true,
    "add_images": true,
    "add_volumes": true,
    "add_firewalls": true,
    "add_databases": true
  },
  "linode": [
    {
      "id": 123,
      "permissions": "read_only",
      "label": "example-entity"
    }
  ],
  "database": [
    {
      "id": 123,
      "permissions": "read_only",
      "label": "example-entity"
    }
  ],
  "domain": [
    {
      "id": 123,
      "permissions": "read_only",
      "label": "example-entity"
    }
  ],
  "nodebalancer": [
    {
      "id": 123,
      "permissions": "read_only",
      "label": "example-entity"
    }
  ],
  "image": [
    {
      "id": 123,
      "permissions": "read_only",
      "label": "example-entity"
    }
  ],
  "longview": [
    {
      "id": 123,
      "permissions": "read_only",
      "label": "example-entity"
    }
  ],
  "stackscript": [
    {
      "id": 123,
      "permissions": "read_only",
      "label": "example-entity"
    }
  ],
  "volume": [
    {
      "id": 123,
      "permissions": "read_only",
      "label": "example-entity"
    }
  ]
}

Responses

200: GrantsResponse

global
object

A structure containing the Account-level grants a User has.

add_linodes
boolean

If true, this User may create Linodes.

add_longview
boolean

If true, this User may create Longview clients and view the current plan.

longview_subscription
boolean

If true, this User may manage the Account's Longview subscription.

account_access
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to Account-level actions, like billing information. A restricted User will never be able to manage users.

cancel_account
boolean

If true, this User may cancel the entire Account.

add_domains
boolean

If true, this User may add Domains.

add_stackscripts
boolean

If true, this User may add StackScripts.

add_nodebalancers
boolean

If true, this User may add NodeBalancers.

add_images
boolean

If true, this User may add Images.

add_volumes
boolean

If true, this User may add Volumes.

add_firewalls
boolean

If true, this User may add Firewalls.

add_databases
boolean

if true, this User may add Managed Databases.

linode
array of objects

The grants this User has for each Linode that is owned by this Account.

id
integer

The ID of the entity this grant applies to.

permissions
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to this entity. If null, this User has no access.

label
string

The current label of the entity this grant applies to, for display purposes.

database
array of objects

The grants this User has for each Database that is owned by this Account.

id
integer

The ID of the entity this grant applies to.

permissions
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to this entity. If null, this User has no access.

label
string

The current label of the entity this grant applies to, for display purposes.

domain
array of objects

The grants this User has for each Domain that is owned by this Account.

id
integer

The ID of the entity this grant applies to.

permissions
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to this entity. If null, this User has no access.

label
string

The current label of the entity this grant applies to, for display purposes.

nodebalancer
array of objects

The grants this User has for each NodeBalancer that is owned by this Account.

id
integer

The ID of the entity this grant applies to.

permissions
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to this entity. If null, this User has no access.

label
string

The current label of the entity this grant applies to, for display purposes.

image
array of objects

The grants this User has for each Image that is owned by this Account.

id
integer

The ID of the entity this grant applies to.

permissions
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to this entity. If null, this User has no access.

label
string

The current label of the entity this grant applies to, for display purposes.

longview
array of objects

The grants this User has for each Longview Client that is owned by this Account.

id
integer

The ID of the entity this grant applies to.

permissions
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to this entity. If null, this User has no access.

label
string

The current label of the entity this grant applies to, for display purposes.

stackscript
array of objects

The grants this User has for each StackScript that is owned by this Account.

id
integer

The ID of the entity this grant applies to.

permissions
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to this entity. If null, this User has no access.

label
string

The current label of the entity this grant applies to, for display purposes.

volume
array of objects

The grants this User has for each Block Storage Volume that is owned by this Account.

id
integer

The ID of the entity this grant applies to.

permissions
Nullable
string
Enum: "read_only""read_write"

The level of access this User has to this entity. If null, this User has no access.

label
string

The current label of the entity this grant applies to, for display purposes.

204: This is an unrestricted User, who has no grants. This User can access everything on the Account.

default: Error

errors
array of objects
reason
string

What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to open a Support Ticket or perform some other action before you can complete the request successfully.

field
string

The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as "null" if the error is not specific to any single element of the request.