Profile
v4.176.0 Profile View GET
https://api.linode.com/v4/profile
Returns information about the current User. This can be used to see who is acting in applications where more than one token is managed. For example, in third-party OAuth applications.
This endpoint is always accessible, no matter what OAuth scopes the acting token has.
Authorizations Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
Response Samples
200
default
{
"authentication_type" : "password" ,
"authorized_keys" : [
null
],
"email" : "example-user@gmail.com" ,
"email_notifications" : true ,
"ip_whitelist_enabled" : false ,
"lish_auth_method" : "keys_only" ,
"referrals" : {
"code" : "871be32f49c1411b14f29f618aaf0c14637fb8d3" ,
"completed" : 0 ,
"credit" : 0 ,
"pending" : 0 ,
"total" : 0 ,
"url" : "https://www.linode.com/?r=871be32f49c1411b14f29f618aaf0c14637fb8d3"
},
"restricted" : false ,
"timezone" : "US/Eastern" ,
"two_factor_auth" : true ,
"uid" : 1234 ,
"username" : "exampleUser" ,
"verified_phone_number" : "+5555555555"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Profile response.
stringEnum:
password
github
This account’s Cloud Manager authentication type. Authentication types are chosen through
Cloud Manager and authorized when logging into your account. These authentication types are either
the user’s password (in conjunction with their username), or the name of their
indentity provider such as GitHub. For example, if a user:
Has never used Third-Party Authentication, their authentication type will be password. Is using Third-Party Authentication, their authentication type will be the name of their Identity Provider (eg. github). Has used Third-Party Authentication and has since revoked it, their authentication type will be password. Note: This functionality may not yet be available in Cloud Manager.
See the
Cloud Manager Changelog for the latest updates.
array
of strings
The list of SSH Keys authorized to use Lish for your User. This value is ignored if lish_auth_method is “disabled.”
string<email>
Your email address. This address will be used for communication with Linode as necessary.
boolean
If true, you will receive email notifications about account activity. If false, you may still receive business-critical communications through email.
boolean
If true, logins for your User will only be allowed from whitelisted IPs. This setting is currently deprecated, and cannot be enabled.
If you disable this setting, you will not be able to re-enable it.
stringEnum:
password_keys
keys_only
disabled
The authentication methods that are allowed when connecting to
the Linode Shell (Lish) .
keys_only is the most secure if you intend to use Lish.disabled is recommended if you do not intend to use Lish at all.If this account’s Cloud Manager authentication type is set to a Third-Party Authentication method, password_keys cannot be used as your Lish authentication method. To view this account’s Cloud Manager authentication_type field, send a request to the
View Profile endpoint. object
Information about your status in our referral program.
This information becomes accessible after this Profile’s Account has established at least $25.00 USD of total payments.
string
Your referral code. If others use this when signing up for Linode, you will receive account credit.
integer
The number of completed signups with your referral code.
integer
The amount of account credit in US Dollars issued to you through the referral program.
integer
The number of pending signups with your referral code. You will not receive credit for these signups until they are completed.
integer
The number of users who have signed up with your referral code.
string<url>
Your referral url, used to direct others to sign up for Linode with your referral code.
boolean
If true, your User has restrictions on what can be accessed on your Account. To get details on what entities/actions you can access/perform, see
/profile/grants .
string
The timezone you prefer to see times in. This is not used by the API directly. It is provided for the benefit of clients such as the Linode Cloud Manager and other clients built on the API. All times returned by the API are in UTC.
boolean
If true, logins from untrusted computers will require Two Factor Authentication. See
/profile/tfa-enable to enable Two Factor Authentication.
integer
Your unique ID in our system. This value will never change, and can safely be used to identify your User.
string
Your username, used for logging in to our system.
verified_phone_number
Nullable
string<phone>
The phone number verified for this Profile with the Phone Number Verify (
POST /profile/phone-number/verify ) command.
null if this Profile has no verified phone number.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Profile Update PUT
https://api.linode.com/v4/profile
Update information in your Profile. This endpoint requires the
“account:read_write” OAuth Scope.
Parent and child accounts
In a
parent and child account environment, the following apply:
You can’t edit the email for a child account parent user (proxy user). This value is fixed and set when you provision this environment. Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"email": "example-user@gmail.com",
"timezone": "US/Eastern",
"email_notifications": true,
"lish_auth_method": "keys_only",
"authorized_keys": null,
"two_factor_auth": true,
"restricted": false
}' \
linode-cli profile update \
\
\
true \
\
true \
false
Request Body Schema array
of strings
The list of SSH Keys authorized to use Lish for your User. This value is ignored if lish_auth_method is “disabled.”
string<email>
Your email address. This address will be used for communication with Linode as necessary.
boolean
If true, you will receive email notifications about account activity. If false, you may still receive business-critical communications through email.
boolean
If true, logins for your User will only be allowed from whitelisted IPs. This setting is currently deprecated, and cannot be enabled.
If you disable this setting, you will not be able to re-enable it.
stringEnum:
password_keys
keys_only
disabled
The authentication methods that are allowed when connecting to
the Linode Shell (Lish) .
keys_only is the most secure if you intend to use Lish.disabled is recommended if you do not intend to use Lish at all.If this account’s Cloud Manager authentication type is set to a Third-Party Authentication method, password_keys cannot be used as your Lish authentication method. To view this account’s Cloud Manager authentication_type field, send a request to the
View Profile endpoint. boolean
If true, your User has restrictions on what can be accessed on your Account. To get details on what entities/actions you can access/perform, see
/profile/grants .
string
The timezone you prefer to see times in. This is not used by the API directly. It is provided for the benefit of clients such as the Linode Cloud Manager and other clients built on the API. All times returned by the API are in UTC.
boolean
If true, logins from untrusted computers will require Two Factor Authentication. See
/profile/tfa-enable to enable Two Factor Authentication.
Response Samples
200
default
{
"authentication_type" : "password" ,
"authorized_keys" : [
null
],
"email" : "example-user@gmail.com" ,
"email_notifications" : true ,
"ip_whitelist_enabled" : false ,
"lish_auth_method" : "keys_only" ,
"referrals" : {
"code" : "871be32f49c1411b14f29f618aaf0c14637fb8d3" ,
"completed" : 0 ,
"credit" : 0 ,
"pending" : 0 ,
"total" : 0 ,
"url" : "https://www.linode.com/?r=871be32f49c1411b14f29f618aaf0c14637fb8d3"
},
"restricted" : false ,
"timezone" : "US/Eastern" ,
"two_factor_auth" : true ,
"uid" : 1234 ,
"username" : "exampleUser" ,
"verified_phone_number" : "+5555555555"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Profile updated successfully.
stringEnum:
password
github
This account’s Cloud Manager authentication type. Authentication types are chosen through
Cloud Manager and authorized when logging into your account. These authentication types are either
the user’s password (in conjunction with their username), or the name of their
indentity provider such as GitHub. For example, if a user:
Has never used Third-Party Authentication, their authentication type will be password. Is using Third-Party Authentication, their authentication type will be the name of their Identity Provider (eg. github). Has used Third-Party Authentication and has since revoked it, their authentication type will be password. Note: This functionality may not yet be available in Cloud Manager.
See the
Cloud Manager Changelog for the latest updates.
array
of strings
The list of SSH Keys authorized to use Lish for your User. This value is ignored if lish_auth_method is “disabled.”
string<email>
Your email address. This address will be used for communication with Linode as necessary.
boolean
If true, you will receive email notifications about account activity. If false, you may still receive business-critical communications through email.
boolean
If true, logins for your User will only be allowed from whitelisted IPs. This setting is currently deprecated, and cannot be enabled.
If you disable this setting, you will not be able to re-enable it.
stringEnum:
password_keys
keys_only
disabled
The authentication methods that are allowed when connecting to
the Linode Shell (Lish) .
keys_only is the most secure if you intend to use Lish.disabled is recommended if you do not intend to use Lish at all.If this account’s Cloud Manager authentication type is set to a Third-Party Authentication method, password_keys cannot be used as your Lish authentication method. To view this account’s Cloud Manager authentication_type field, send a request to the
View Profile endpoint. object
Information about your status in our referral program.
This information becomes accessible after this Profile’s Account has established at least $25.00 USD of total payments.
string
Your referral code. If others use this when signing up for Linode, you will receive account credit.
integer
The number of completed signups with your referral code.
integer
The amount of account credit in US Dollars issued to you through the referral program.
integer
The number of pending signups with your referral code. You will not receive credit for these signups until they are completed.
integer
The number of users who have signed up with your referral code.
string<url>
Your referral url, used to direct others to sign up for Linode with your referral code.
boolean
If true, your User has restrictions on what can be accessed on your Account. To get details on what entities/actions you can access/perform, see
/profile/grants .
string
The timezone you prefer to see times in. This is not used by the API directly. It is provided for the benefit of clients such as the Linode Cloud Manager and other clients built on the API. All times returned by the API are in UTC.
boolean
If true, logins from untrusted computers will require Two Factor Authentication. See
/profile/tfa-enable to enable Two Factor Authentication.
integer
Your unique ID in our system. This value will never change, and can safely be used to identify your User.
string
Your username, used for logging in to our system.
verified_phone_number
Nullable
string<phone>
The phone number verified for this Profile with the Phone Number Verify (
POST /profile/phone-number/verify ) command.
null if this Profile has no verified phone number.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Authorized Apps List GET
https://api.linode.com/v4/profile/apps
This is a collection of OAuth apps that you’ve given access to your Account, and includes the level of access granted.
Authorizations personalAccessToken oauth account:read_only
Query Parameters page Type: integer
>=
1Default:
1
Default: 1 The page of a collection to return.
page_size Type: integer
25..500Default:
100
Default: 100 The number of items to return per page.
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
linode-cli profile apps-list
Response Samples
200
default
{
"data" : [
{
"created" : "2018-01-01T00:01:01" ,
"expiry" : "2018-01-15T00:01:01" ,
"id" : 123 ,
"label" : "example-app" ,
"scopes" : "linodes:read_only" ,
"thumbnail_url" : null ,
"website" : "example.org"
}
],
"page" : 1 ,
"pages" : 1 ,
"results" : 1
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
A paginated list of apps you've authorized.
array
of objects
string<date-time>
When this app was authorized.
string<date-time>
When the app’s access to your account expires. If null, the app’s access must be revoked manually.
integer
This authorization’s ID, used for revoking access.
string
The name of the application you’ve authorized.
string<oauth-scopes>
The OAuth scopes this app was authorized with. This defines what parts of your Account the app is allowed to access.
string<url>
The URL at which this app’s thumbnail may be accessed.
string<url>
The website where you can get more information about this app.
integer
The current
page .
integer
The total number of
pages .
integer
The total number of results.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
App Access Revoke DELETE
https://api.linode.com/v4/profile/apps/{appId}
Expires this app token. This token may no longer be used to access your Account.
Authorizations personalAccessToken oauth account:read_write
Path Parameters appId integer
Required The authorized app ID to manage.
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
\
linode-cli profile app-delete 123
Response Samples
200
default
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
App's authorization has been revoked.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Authorized App View GET
https://api.linode.com/v4/profile/apps/{appId}
Returns information about a single app you’ve authorized to access your Account.
Authorizations personalAccessToken oauth account:read_only
Path Parameters appId integer
Required The authorized app ID to manage.
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
linode-cli profile app-view 1234
Response Samples
200
default
{
"created" : "2018-01-01T00:01:01" ,
"expiry" : "2018-01-15T00:01:01" ,
"id" : 123 ,
"label" : "example-app" ,
"scopes" : "linodes:read_only" ,
"thumbnail_url" : null ,
"website" : "example.org"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
The app requested.
string<date-time>
When this app was authorized.
string<date-time>
When the app’s access to your account expires. If null, the app’s access must be revoked manually.
integer
This authorization’s ID, used for revoking access.
string
The name of the application you’ve authorized.
string<oauth-scopes>
The OAuth scopes this app was authorized with. This defines what parts of your Account the app is allowed to access.
string<url>
The URL at which this app’s thumbnail may be accessed.
string<url>
The website where you can get more information about this app.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Trusted Devices List GET
https://api.linode.com/v4/profile/devices
Returns a paginated list of active TrustedDevices for your User. Browsers with an active Remember Me Session are logged into your account until the session expires or is revoked.
Authorizations personalAccessToken oauth account:read_only
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
linode-cli profile devices-list
Response Samples
200
default
{
"data" : [
{
"created" : "2018-01-01T01:01:01" ,
"expiry" : "2018-01-31T01:01:01" ,
"id" : 123 ,
"last_authenticated" : "2018-01-05T12:57:12" ,
"last_remote_addr" : "203.0.113.1" ,
"user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 Vivaldi/2.1.1337.36\n"
}
],
"page" : 1 ,
"pages" : 1 ,
"results" : 1
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Returns a paginated list of TrustedDevice objects.
array
of objects
string<date-time>
When this Remember Me session was started. This corresponds to the time of login with the “Remember Me” box checked.
string<date-time>
When this TrustedDevice session expires. Sessions typically last 30 days.
integer
The unique ID for this TrustedDevice
string<date-time>
The last time this TrustedDevice was successfully used to authenticate to login.linode.com .
string
The last IP Address to successfully authenticate with this TrustedDevice.
string
The User Agent of the browser that created this TrustedDevice session.
integer
The current
page .
integer
The total number of
pages .
integer
The total number of results.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Trusted Device Revoke DELETE
https://api.linode.com/v4/profile/devices/{deviceId}
Revoke an active TrustedDevice for your User. Once a TrustedDevice is revoked, this device will have to log in again before accessing your Linode account.
Authorizations personalAccessToken oauth account:read_write
Path Parameters deviceId integer
Required The ID of the TrustedDevice
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
\
linode-cli profile device-revoke 123
Response Samples
200
default
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Session revoked successfully
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Trusted Device View GET
https://api.linode.com/v4/profile/devices/{deviceId}
Returns a single active TrustedDevice for your User.
Authorizations personalAccessToken oauth account:read_only
Path Parameters deviceId integer
Required The ID of the TrustedDevice
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
linode-cli profile device-view 123
Response Samples
200
default
{
"created" : "2018-01-01T01:01:01" ,
"expiry" : "2018-01-31T01:01:01" ,
"id" : 123 ,
"last_authenticated" : "2018-01-05T12:57:12" ,
"last_remote_addr" : "203.0.113.1" ,
"user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 Vivaldi/2.1.1337.36\n"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
The requested TrustedDevice object
string<date-time>
When this Remember Me session was started. This corresponds to the time of login with the “Remember Me” box checked.
string<date-time>
When this TrustedDevice session expires. Sessions typically last 30 days.
integer
The unique ID for this TrustedDevice
string<date-time>
The last time this TrustedDevice was successfully used to authenticate to login.linode.com .
string
The last IP Address to successfully authenticate with this TrustedDevice.
string
The User Agent of the browser that created this TrustedDevice session.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Grants List GET
https://api.linode.com/v4/profile/grants
This returns a GrantsResponse describing what the acting User has been granted access to. For unrestricted users, this will return a 204 and no body because unrestricted users have access to everything without grants. This will not return information about entities you do not have access to. This endpoint is useful when writing third-party OAuth applications to see what options you should present to the acting User.
For example, if they do not have global.add_linodes, you might not display a button to deploy a new Linode.
Any client may access this endpoint; no OAuth scopes are required.
Authorizations Request Samples
Shell
curl -H "Authorization: Bearer $TOKEN " \
Response Samples
200
204
default
{
"database" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
],
"domain" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
],
"global" : {
"account_access" : "read_only" ,
"add_databases" : true ,
"add_domains" : true ,
"add_firewalls" : true ,
"add_images" : true ,
"add_linodes" : true ,
"add_longview" : true ,
"add_nodebalancers" : true ,
"add_stackscripts" : true ,
"add_volumes" : true ,
"add_vpcs" : true ,
"cancel_account" : false ,
"child_account_access" : true ,
"longview_subscription" : true
},
"image" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
],
"linode" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
],
"longview" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
],
"nodebalancer" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
],
"stackscript" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
],
"volume" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
],
"vpc" : [
{
"id" : 123 ,
"label" : "example-entity" ,
"permissions" : "read_only"
}
]
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
204
default
GrantsResponse
array
of objects
The grants this User has for each Database that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
array
of objects
The grants this User has for each Domain that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
object
A structure containing the Account-level grants a User has.
stringEnum:
read_only
read_write
The level of access this User has to Account-level actions,
like billing information. A restricted User will never be able
to manage users.
Parent and child accounts
In a
parent and child account environment, this grant can be added to a child account user, to give the user read-write access. This gives the child user unrestricted access to expected management operations, such as creating other child users. However, child users don’t have write access to billing operations. The API issues a specific error message if a write operation is attempted by a child user.
boolean
If true, this User may add Managed Databases.
boolean
If true, this User may add Domains.
boolean
If true, this User may add Firewalls.
boolean
If true, this User may add Images.
boolean
If true, this User may create Linodes.
boolean
If true, this User may create Longview clients and view the current plan.
boolean
If true, this User may add NodeBalancers.
boolean
If true, this User may add StackScripts.
boolean
If true, this User may add Volumes.
boolean
If true, this User may add VPCs.
boolean
If true, this User may cancel the entire Account.
child_account_access
Nullable
boolean
In a
parent and child account environment, this gives a parent account access to endpoints that can be used to manage child accounts. Unrestricted parent account users have access to this grant, while restricted parent users don’t. An unrestricted parent user can set this to true to add this grant to a restricted parent user. Displayed as null for all non-parent accounts.
boolean
If true, this User may manage the Account’s Longview subscription.
array
of objects
The grants this User has for each Image that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
array
of objects
The grants this User has for each Linode that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
array
of objects
The grants this User has for each Longview Client that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
array
of objects
The grants this User has for each NodeBalancer that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
array
of objects
The grants this User has for each StackScript that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
array
of objects
The grants this User has for each Block Storage Volume that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
array
of objects
The grants this User has for each VPC that is owned by this Account.
integer
The ID of the entity this grant applies to.
string
The current label of the entity this grant applies to, for display purposes.
stringEnum:
read_only
read_write
The level of access this User has to this entity. If null, this User has no access.
This is an unrestricted User, who has no grants. This User can access everything on the Account.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Logins List GET
https://api.linode.com/v4/profile/logins
Returns a collection of successful account logins from this user during the last 90 days.
Authorizations personalAccessToken oauth account:read_only
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
linode-cli profile logins-list
Response Samples
200
default
{
"data" : [
{
"datetime" : "2018-01-01T00:01:01" ,
"id" : 1234 ,
"ip" : "192.0.2.0" ,
"restricted" : true ,
"status" : "successful" ,
"username" : "example_user"
}
],
"page" : 1 ,
"pages" : 1 ,
"results" : 1
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
An array of successful account logins from this user during the last 90 days.
array
of objects
string<date-time>
When the login was initiated.
integer
The unique ID of this login object.
string<ip>
The remote IP address that requested the login.
boolean
True if the User that attempted the login was a restricted User, false otherwise.
stringEnum:
successful
failed
Whether the login attempt succeeded or failed.
string
The username of the User that attempted the login.
integer
The current
page .
integer
The total number of
pages .
integer
The total number of results.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Login View GET
https://api.linode.com/v4/profile/logins/{loginId}
Returns a login object displaying information about a successful account login from this user.
Authorizations personalAccessToken oauth account:read_only
Path Parameters loginId integer
Required The ID of the login object to access.
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
linode-cli profile login-view 1234
Response Samples
200
default
{
"datetime" : "2018-01-01T00:01:01" ,
"id" : 1234 ,
"ip" : "192.0.2.0" ,
"restricted" : true ,
"status" : "successful" ,
"username" : "example_user"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
The requested login object.
string<date-time>
When the login was initiated.
integer
The unique ID of this login object.
string<ip>
The remote IP address that requested the login.
boolean
True if the User that attempted the login was a restricted User, false otherwise.
stringEnum:
successful
failed
Whether the login attempt succeeded or failed.
string
The username of the User that attempted the login.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Phone Number Delete DELETE
https://api.linode.com/v4/profile/phone-number
Delete the verified phone number for the User making this request.
Use this command to opt out of SMS messages for the requesting User after a phone number has been verified with the Phone Number Verify (
POST /profile/phone-number/verify ) command.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
\
Response Samples
200
default
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Phone number deletion request successful.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Phone Number Verification Code Send POST
https://api.linode.com/v4/profile/phone-number
Send a one-time verification code via SMS message to the submitted phone number. Providing your phone number helps ensure you can securely access your Account in case other ways to connect are lost. Your phone number is only used to verify your identity by sending an SMS message. Standard carrier messaging fees may apply.
By accessing this command you are opting in to receive SMS messages. You can opt out of SMS messages by using the Phone Number Delete (
DELETE /profile/phone-number ) command after your phone number is verified.
Verification codes are valid for 10 minutes after they are sent.
Subsequent requests made prior to code expiration result in sending the same code.
Once a verification code is received, verify your phone number with the Phone Number Verify (
POST /profile/phone-number/verify ) command.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"iso_code": "US",
"phone_number": "555-555-5555"
}' \
linode-cli phone sms-code-send \
\
Request Body Schema string
The two-letter ISO 3166 country code associated with the phone number.
string<phone>
A valid phone number.
Response Samples
200
default
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Phone number verification code request successful.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Phone Number Verify POST
https://api.linode.com/v4/profile/phone-number/verify
Verify a phone number by confirming the one-time code received via SMS message after accessing the Phone Verification Code Send (
POST /profile/phone-number ) command.
Once completed, the verified phone number is assigned to the User making the request. To change the verified phone number for a User, first use the Phone Number Delete (
DELETE /profile/phone-number ) command, then begin the verification process again with the Phone Verification Code Send (
POST /profile/phone-number ) command.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"otp_code": "123456"
}' \
linode-cli phone verify \
123456
Request Body Schema string
The one-time code received via SMS message after accessing the Phone Verification Code Send (
POST /profile/phone-number ) command.
Response Samples
200
default
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Phone number verification successful.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
User Preferences View GET
https://api.linode.com/v4/profile/preferences
View a list of user preferences tied to the OAuth client that generated
the token making the request. The user preferences endpoints allow
consumers of the API to store arbitrary JSON data, such as a user’s font
size preference or preferred display name. User preferences are available
for each OAuth client registered to your account, and as such an account can
have multiple user preferences.
Authorizations personalAccessToken oauth account:read_only
Request Samples
Shell
curl -H "Authorization: Bearer $TOKEN " \
Response Samples
200
default
{
"key1" : "value1" ,
"key2" : "value2"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Returns an object of user preferences.
A dictionary of user preferences.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
User Preferences Update PUT
https://api.linode.com/v4/profile/preferences
Updates a user’s preferences. These preferences are tied to the OAuth client that generated the token making the request. The user preferences endpoints allow consumers of the API to store arbitrary JSON data, such as a user’s font size preference or preferred display name. An account may have multiple preferences. Preferences, and the pertaining request body, may contain any arbitrary JSON data that the user would like to store.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"key1": "value1",
"key2": "value2"
}' \
Request Body Schema
Arbitrary JSON of your choosing. Overwrites any existing preferences for this user.
Total length cannot exceed 65,535 characters.
Response Samples
200
default
{
"key1" : "value1" ,
"key2" : "value2"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Returns an object of user preferences.
An object of user preferences.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Security Questions List GET
https://api.linode.com/v4/profile/security-questions
Returns a collection of security questions and their responses, if any, for your User Profile.
Authorizations personalAccessToken oauth account:read_only
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
linode-cli security-questions list
Response Samples
200
default
{
"security_questions" : [
{
"id" : 1 ,
"question" : "In what city were you born?" ,
"response" : "Gotham City"
}
]
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Returns a list of security questions.
array
of objects
integer
The ID representing the security question.
string
The security question.
string
3..17
characters
The security question response.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Security Questions Answer POST
https://api.linode.com/v4/profile/security-questions
Adds security question responses for your User.
Requires exactly three unique questions.
Previous responses are overwritten if answered or reset to null if unanswered.
Note : Security questions must be answered for your User prior to accessing the Two Factor Secret Create (
POST /profile/tfa-enable ) command.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"security_questions": [
{
"question_id": 1,
"response": "secret answer 1"
},
{
"question_id": 2,
"response": "secret answer 2"
},
{
"question_id": 11,
"response": "secret answer 3"
}
]
}' \
Request Body Schema array
of objects
integer
The ID representing the security question.
string
3..17
characters
The security question response.
Response Samples
200
default
{
"security_questions" : [
{
"question_id" : 1 ,
"response" : "Gotham City" ,
"security_question" : "In what city were you born?"
}
]
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Security Questions answered successfully.
array
of objects
integer
The ID representing the security question.
string
3..17
characters
The security question response.
string
The security question.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
SSH Keys List GET
https://api.linode.com/v4/profile/sshkeys
Returns a collection of SSH Keys you’ve added to your Profile.
Authorizations personalAccessToken oauth account:read_only
Query Parameters page Type: integer
>=
1Default:
1
Default: 1 The page of a collection to return.
page_size Type: integer
25..500Default:
100
Default: 100 The number of items to return per page.
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
Response Samples
200
default
{
"data" : [
{
"created" : "2018-01-01T00:01:01" ,
"id" : 42 ,
"label" : "My SSH Key" ,
"ssh_key" : "ssh-rsa AAAA_valid_public_ssh_key_123456785== user@their-computer"
}
],
"page" : 1 ,
"pages" : 1 ,
"results" : 1
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Returns a paginated list of SSH Key objects.
array
of objects
string<date-time>
The date this key was added.
integer
The unique identifier of an SSH Key object.
string
<=
64
characters
A label for the SSH Key.
string<ssh-key>
The public SSH Key, which is used to authenticate to the root user of the Linodes you deploy.
Accepted formats:
ssh-dss ssh-rsa ecdsa-sha2-nistp ssh-ed25519 sk-ecdsa-sha2-nistp256 (Akamai-specific)
integer
The current
page .
integer
The total number of
pages .
integer
The total number of results.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
SSH Key Add POST
https://api.linode.com/v4/profile/sshkeys
Adds an SSH Key to your Account profile.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"label": "My SSH Key",
"ssh_key": "ssh-rsa AAAA_valid_public_ssh_key_123456785== user@their-computer"
}' \
linode-cli sshkeys create \
"My SSH Key" \
"ssh-rsa AAAA_valid_public_ssh_key_123456785== user@their-computer"
Request Body Schema string
<=
64
characters
A label for the SSH Key.
string<ssh-key>
The public SSH Key, which is used to authenticate to the root user of the Linodes you deploy.
Accepted formats:
ssh-dss ssh-rsa ecdsa-sha2-nistp ssh-ed25519 sk-ecdsa-sha2-nistp256 (Akamai-specific)
Response Samples
200
default
{
"created" : "2018-01-01T00:01:01" ,
"id" : 42 ,
"label" : "My SSH Key" ,
"ssh_key" : "ssh-rsa AAAA_valid_public_ssh_key_123456785== user@their-computer"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
SSH Key associated successfully.
string<date-time>
The date this key was added.
integer
The unique identifier of an SSH Key object.
string
<=
64
characters
A label for the SSH Key.
string<ssh-key>
The public SSH Key, which is used to authenticate to the root user of the Linodes you deploy.
Accepted formats:
ssh-dss ssh-rsa ecdsa-sha2-nistp ssh-ed25519 sk-ecdsa-sha2-nistp256 (Akamai-specific)
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
SSH Key Delete DELETE
https://api.linode.com/v4/profile/sshkeys/{sshKeyId}
Deletes an SSH Key you have access to.
Note: deleting an SSH Key will not remove it from any Linode or Disk that was deployed with authorized_keys. In those cases, the keys must be manually deleted on the Linode or Disk. This endpoint will only delete the key’s association from your Profile.
Authorizations personalAccessToken oauth account:read_write
Path Parameters sshKeyId integer
Required The ID of the SSHKey
Request Samples
Shell
CLI
curl -H "Authoriztion: Bearer $TOKEN " \
\
linode-cli sshkeys delete 42
Response Samples
200
default
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
SSH Key deleted successfully.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
SSH Key View GET
https://api.linode.com/v4/profile/sshkeys/{sshKeyId}
Returns a single SSH Key object identified by id that you have access to view.
Authorizations personalAccessToken oauth account:read_only
Path Parameters sshKeyId integer
Required The ID of the SSHKey
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
linode-cli sshkeys view 42
Response Samples
200
default
{
"created" : "2018-01-01T00:01:01" ,
"id" : 42 ,
"label" : "My SSH Key" ,
"ssh_key" : "ssh-rsa AAAA_valid_public_ssh_key_123456785== user@their-computer"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
An SSH Key object
string<date-time>
The date this key was added.
integer
The unique identifier of an SSH Key object.
string
<=
64
characters
A label for the SSH Key.
string<ssh-key>
The public SSH Key, which is used to authenticate to the root user of the Linodes you deploy.
Accepted formats:
ssh-dss ssh-rsa ecdsa-sha2-nistp ssh-ed25519 sk-ecdsa-sha2-nistp256 (Akamai-specific)
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
SSH Key Update PUT
https://api.linode.com/v4/profile/sshkeys/{sshKeyId}
Updates an SSH Key that you have permission to read_write.
Only SSH key labels can be updated.
Authorizations personalAccessToken oauth account:read_write
Path Parameters sshKeyId integer
Required The ID of the SSHKey
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"label": "my laptop"
}' \
linode-cli sshkeys update 42 \
"my laptop"
Request Body Schema string
<=
64
characters
A label for the SSH Key.
Response Samples
200
default
{
"created" : "2018-01-01T00:01:01" ,
"id" : 42 ,
"label" : "My SSH Key" ,
"ssh_key" : "ssh-rsa AAAA_valid_public_ssh_key_123456785== user@their-computer"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
SSH Key updated successfully.
string<date-time>
The date this key was added.
integer
The unique identifier of an SSH Key object.
string
<=
64
characters
A label for the SSH Key.
string<ssh-key>
The public SSH Key, which is used to authenticate to the root user of the Linodes you deploy.
Accepted formats:
ssh-dss ssh-rsa ecdsa-sha2-nistp ssh-ed25519 sk-ecdsa-sha2-nistp256 (Akamai-specific)
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Two Factor Authentication Disable POST
https://api.linode.com/v4/profile/tfa-disable
Disables Two Factor Authentication for your User. Once successful, login attempts from untrusted computers will only require a password before being successful. This is less secure, and is discouraged.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
\
linode-cli profile tfa-disable
Response Samples
200
default
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Two Factor Secret Create POST
https://api.linode.com/v4/profile/tfa-enable
Generates a Two Factor secret for your User. To enable TFA for your User, enter the secret obtained from this command with the Two Factor Authentication Confirm/Enable (
POST /profile/tfa-enable-confirm ) command.
Once enabled, logins from untrusted computers are required to provide
a TFA code before they are successful.
Note : Before you can enable TFA, security questions must be answered for your User by accessing the Security Questions Answer (
POST /profile/security-questions ) command.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
\
linode-cli profile tfa-enable
Response Samples
200
default
{
"expiry" : "2018-03-01T00:01:01" ,
"secret" : "5FXX6KLACOC33GTC"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Two Factor secret generated
string<date-time>
When this Two Factor secret expires.
string
Your Two Factor secret. This is used to generate time-based two factor codes required for logging in. Doing this will be required to confirm TFA an actually enable it.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Two Factor Authentication Confirm/Enable POST
https://api.linode.com/v4/profile/tfa-enable-confirm
Confirms that you can successfully generate Two Factor codes and enables TFA on your Account. Once this is complete, login attempts from untrusted computers will be required to provide a Two Factor code before they are successful.
Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"tfa_code": "213456"
}' \
linode-cli profile tfa-confirm \
213456
Request Body Schema string
The Two Factor code you generated with your Two Factor secret. These codes are time-based, so be sure it is current.
Response Samples
200
default
{
"scratch" : "sample two factor scratch"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
TFA enabled successfully
string
A one-use code that can be used in place of your Two Factor code, in case you are unable to generate one. Keep this in a safe place to avoid being locked out of your Account.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Personal Access Tokens List GET
https://api.linode.com/v4/profile/tokens
Returns a paginated list of Personal Access Tokens currently active for your User.
Authorizations personalAccessToken oauth account:read_only
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
linode-cli profile tokens-list
Response Samples
200
default
{
"data" : [
{
"created" : "2018-01-01T00:01:01" ,
"expiry" : "2018-01-01T13:46:32" ,
"id" : 123 ,
"label" : "linode-cli" ,
"scopes" : "*" ,
"token" : "abcdefghijklmnop"
}
],
"page" : 1 ,
"pages" : 1 ,
"results" : 1
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
A paginated list of active tokens.
array
of objects
string<date-time>
The date and time this token was created.
string<date-time>
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with “null” as their expiry and will never expire unless revoked.
integer
This token’s unique ID, which can be used to revoke it.
string
1..100
characters
This token’s label. This is for display purposes only, but can be used to more easily track what you’re using each token for.
string<oauth-scopes>
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI , require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
string
The token used to access the API. When the token is created, the full token is returned here. Otherwise, only the first 16 characters are returned.
integer
The current
page .
integer
The total number of
pages .
integer
The total number of results.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Personal Access Token Create POST
https://api.linode.com/v4/profile/tokens
Creates a Personal Access Token for your User. The raw token will be returned in the response, but will never be returned again afterward so be sure to take note of it. You may create a token with at most the scopes of your current token. The created token will be able to access your Account until the given expiry, or until it is revoked.
Parent and child accounts
In a
parent and child account environment, the following apply:
If you’re using a child account parent user (proxy user), you can’t create this form of token. The only token available to a proxy user is one that lets you run operations in a child account. These are created via the Proxy User Token Create operation. Authorizations personalAccessToken oauth account:read_write
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"scopes": "*",
"expiry": "2018-01-01T13:46:32",
"label": "linode-cli"
}' \
linode-cli profile token-create \
'*' \
'2018-01-01T13:46:32' \
Request Body Schema string<date-time>
When this token should be valid until. If omitted, the new token will be valid until it is manually revoked.
string
1..100
characters
This token’s label. This is for display purposes only, but can be used to more easily track what you’re using each token for.
string<oauth-scope>
The access
scopes to grant to the created token. These cannot be changed after creation, and may not exceed the scopes of the acting token.
If omitted or entered with a wildcard character (*), the new token will have the same scopes as the acting token.
Multiple scopes are separated by a space character ( ).
For example, linodes:read_write account:read_only.
Response Samples
200
default
{
"created" : "2018-01-01T00:01:01" ,
"expiry" : "2018-01-01T13:46:32" ,
"id" : 123 ,
"label" : "linode-cli" ,
"scopes" : "*" ,
"token" : "abcdefghijklmnop"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Token created successfully.
string<date-time>
The date and time this token was created.
string<date-time>
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with “null” as their expiry and will never expire unless revoked.
integer
This token’s unique ID, which can be used to revoke it.
string
1..100
characters
This token’s label. This is for display purposes only, but can be used to more easily track what you’re using each token for.
string<oauth-scopes>
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI , require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
string
The token used to access the API. When the token is created, the full token is returned here. Otherwise, only the first 16 characters are returned.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Personal Access Token Revoke DELETE
https://api.linode.com/v4/profile/tokens/{tokenId}
Revokes a Personal Access Token. The token will be invalidated immediately, and requests using that token will fail with a 401. It is possible to revoke access to the token making the request to revoke a token, but keep in mind that doing so could lose you access to the api and require you to create a new token through some other means.
Authorizations personalAccessToken oauth account:read_write
Path Parameters tokenId integer
Required The ID of the token to access.
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
\
linode-cli profile token-delete 123
Response Samples
200
default
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Token revoked successfully.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Personal Access Token View GET
https://api.linode.com/v4/profile/tokens/{tokenId}
Returns a single Personal Access Token.
Authorizations personalAccessToken oauth account:read_only
Path Parameters tokenId integer
Required The ID of the token to access.
Request Samples
Shell
CLI
curl -H "Authorization: Bearer $TOKEN " \
linode-cli profile token-view 123
Response Samples
200
default
{
"created" : "2018-01-01T00:01:01" ,
"expiry" : "2018-01-01T13:46:32" ,
"id" : 123 ,
"label" : "linode-cli" ,
"scopes" : "*" ,
"token" : "abcdefghijklmnop"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
The requested token.
string<date-time>
The date and time this token was created.
string<date-time>
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with “null” as their expiry and will never expire unless revoked.
integer
This token’s unique ID, which can be used to revoke it.
string
1..100
characters
This token’s label. This is for display purposes only, but can be used to more easily track what you’re using each token for.
string<oauth-scopes>
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI , require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
string
The token used to access the API. When the token is created, the full token is returned here. Otherwise, only the first 16 characters are returned.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
Personal Access Token Update PUT
https://api.linode.com/v4/profile/tokens/{tokenId}
Updates a Personal Access Token.
Authorizations personalAccessToken oauth account:read_write
Path Parameters tokenId integer
Required The ID of the token to access.
Request Samples
Shell
CLI
curl -H "Content-Type: application/json" \
"Authorization: Bearer $TOKEN " \
'{
"label": "linode-cli"
}' \
linode-cli profile token-update 123 \
Request Body Schema string
1..100
characters
This token’s label. This is for display purposes only, but can be used to more easily track what you’re using each token for.
Response Samples
200
default
{
"created" : "2018-01-01T00:01:01" ,
"expiry" : "2018-01-01T13:46:32" ,
"id" : 123 ,
"label" : "linode-cli" ,
"scopes" : "*" ,
"token" : "abcdefghijklmnop"
}
{
"errors" : [
{
"field" : "fieldname" ,
"reason" : "fieldname must be a valid value"
}
]
}
Responses
200
default
Token updated successfully.
string<date-time>
The date and time this token was created.
string<date-time>
When this token will expire. Personal Access Tokens cannot be renewed, so after this time the token will be completely unusable and a new token will need to be generated. Tokens may be created with “null” as their expiry and will never expire unless revoked.
integer
This token’s unique ID, which can be used to revoke it.
string
1..100
characters
This token’s label. This is for display purposes only, but can be used to more easily track what you’re using each token for.
string<oauth-scopes>
The scopes this token was created with. These define what parts of the Account the token can be used to access. Many command-line tools, such as the Linode CLI , require tokens with access to *. Tokens with more restrictive scopes are generally more secure.
string
The token used to access the API. When the token is created, the full token is returned here. Otherwise, only the first 16 characters are returned.
Error
array
of objects
string
The field in the request that caused this error. This may be a path, separated by periods in the case of nested fields. In some cases this may come back as “null” if the error is not specific to any single element of the request.
string
What happened to cause this error. In most cases, this can be fixed immediately by changing the data you sent in the request, but in some cases you will be instructed to
open a Support Ticket or perform some other action before you can complete the request successfully.
