List a user's grants

Returns the full grants structure for an account username you specify. This includes all entities on the account, and the level of access this user has to each of them.

This doesn't apply to the account owner or the current authenticated user. You can run the List grants operation to view those grants. However, this doesn't show the entities that they don't have access to.

📘

This operation can only be accessed by account users with unrestricted access.


OAuth scopes

account:read_only

Learn more...

Path Params
string
required

Enum Call either the v4 URL, or v4beta for operations still in Beta.

string
required

The username to look up.

Responses

Response body
object
database
array of objects

The grants this User has for each Database that is owned by this Account.

database
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

domain
array of objects

The grants this User has for each Domain that is owned by this Account.

domain
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

firewall
array of objects

The grants this User has for each Firewall that is owned by this Account.

firewall
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

global
object

A structure containing the Account-level grants a User has.

string | null

The level of access this User has to Account-level actions, like billing information. A restricted User will never be able to manage users.

Parent and child accounts

In a parent and child account environment, this grant can be added to a child account user, to give the user read-write access. This gives the child user unrestricted access to expected management operations, such as creating other child users. However, child users don't have write access to billing operations. The API issues a specific error message if a write operation is attempted by a child user.

read_only read_write

boolean

If true, this User may add Managed Databases.

boolean

If true, this User may add Domains.

boolean

If true, this User may add Firewalls.

boolean

If true, this User may add Images.

boolean

If true, this User may create Linodes.

boolean

If true, this User may create Longview clients and view the current plan.

boolean

If true, this User may add NodeBalancers.

boolean

If true, this User may add StackScripts.

boolean

If true, this User may add Volumes.

boolean

If true, this User may add VPCs.

boolean

If true, this User may cancel the entire Account.

boolean | null

In a parent and child account environment, this gives a parent account access to endpoints that can be used to manage child accounts. Unrestricted parent account users have access to this grant, while restricted parent users don't. An unrestricted parent user can set this to true to add this grant to a restricted parent user. Displayed as null for all non-parent accounts.

boolean

If true, this User may manage the Account's Longview subscription.

image
array of objects

The grants this User has for each Image that is owned by this Account.

image
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

linode
array of objects

The grants this User has for each Linode that is owned by this Account.

linode
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

longview
array of objects

The grants this User has for each Longview Client that is owned by this Account.

longview
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

nodebalancer
array of objects

The grants this User has for each NodeBalancer that is owned by this Account.

nodebalancer
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

stackscript
array of objects

The grants this User has for each StackScript that is owned by this Account.

stackscript
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

volume
array of objects

The grants this User has for each Block Storage Volume that is owned by this Account.

volume
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

vpc
array of objects

The grants this User has for each VPC that is owned by this Account.

vpc
object
integer

The ID of the entity this grant applies to.

string

Read-only The current label of the entity this grant applies to, for display purposes.

string | null

The level of access this User has to this entity. If null, this User has no access.

read_only read_write

204

This is an unrestricted User, and therefore has no grants to return. This User may access everything on the Account and perform all actions.

Language
Credentials