{ "added": "2019-02-11T20:55:48.000Z", "info": { "contact": { "email": "support@linode.com", "name": "Linode", "url": "https://linode.com" }, "description": "## Introduction\nThe Linode API provides the ability to programmatically manage the full\nrange of Linode products and services.\n\nThis reference is designed to assist application developers and system\nadministrators. Each endpoint includes descriptions, request syntax, and\nexamples using standard HTTP requests. Response data is returned in JSON\nformat.\n\n\nThis document was generated from our OpenAPI Specification. See the\nOpenAPI website for more information.\n\nDownload the Linode OpenAPI Specification.\n\n\n## Changelog\n\nView our Changelog to see release\nnotes on all changes made to our API.\n\n## Access and Authentication\n\nSome endpoints are publicly accessible without requiring authentication.\nAll endpoints affecting your Account, however, require either a Personal\nAccess Token or OAuth authentication (when using third-party\napplications).\n\n### Personal Access Token\n\nThe easiest way to access the API is with a Personal Access Token (PAT)\ngenerated from the\nLinode Cloud Manager or\nthe [Create Personal Access Token](/docs/api/profile/#personal-access-token-create) endpoint.\n\nAll scopes for the OAuth security model ([defined below](/docs/api/profile/#oauth)) apply to this\nsecurity model as well.\n\n#### Authentication\n\n| Security Scheme Type: | HTTP |\n|-----------------------|------|\n| **HTTP Authorization Scheme** | bearer |\n\n### OAuth\nIf you only need to access the Linode API for personal use,\nwe recommend that you create a [personal access token](/docs/api/#personal-access-token).\nIf you're designing an application that can authenticate with an arbitrary Linode user, then\nyou should use the OAuth 2.0 workflows presented in this section.\n\nFor a more detailed example of an OAuth 2.0 implementation, see our guide on [How to Create an OAuth App with the Linode Python API Library](/docs/products/tools/api/guides/create-an-oauth-app-with-the-python-api-library/#oauth-2-authentication-exchange).\n\nBefore you implement OAuth in your application, you first need to create an OAuth client. You can do this [with the Linode API](/docs/api/account/#oauth-client-create) or [via the Cloud Manager](https://cloud.linode.com/profile/clients):\n\n - When creating the client, you'll supply a `label` and a `redirect_uri` (referred to as the Callback URL in the Cloud Manager).\n - The response from this endpoint will give you a `client_id` and a `secret`.\n - Clients can be public or private, and are private by default. You can choose to make the client public when it is created.\n - A private client is used with applications which can securely store the client secret (that is, the secret returned to you when you first created the client). For example, an application running on a secured server that only the developer has access to would use a private OAuth client. This is also called a confidential client in some OAuth documentation.\n - A public client is used with applications where the client secret is not guaranteed to be secure. For example, a native app running on a user's computer may not be able to keep the client secret safe, as a user could potentially inspect the source of the application. So, native apps or apps that run in a user's browser should use a public client.\n - Public and private clients follow different workflows, as described below.\n\n#### OAuth Workflow\n\nThe OAuth workflow is a series of exchanges between your third-party app and Linode. The workflow is used\nto authenticate a user before an application can start making API calls on the user's behalf.\n\nNotes:\n\n- With respect to the diagram in [section 1.2 of RFC 6749](https://tools.ietf.org/html/rfc6749#section-1.2), login.linode.com (referred to in this section as the *login server*)\nis the Resource Owner and the Authorization Server; api.linode.com (referred to here as the *api server*) is the Resource Server.\n- The OAuth spec refers to the private and public workflows listed below as the [authorization code flow](https://tools.ietf.org/html/rfc6749#section-1.3.1) and [implicit flow](https://tools.ietf.org/html/rfc6749#section-1.3.2).\n\n| PRIVATE WORKFLOW | PUBLIC WORKFLOW |\n|------------------|------------------|\n| 1. The user visits the application's website and is directed to login with Linode. | 1. The user visits the application's website and is directed to login with Linode. |\n| 2. Your application then redirects the user to Linode's [login server](https://login.linode.com) with the client application's `client_id` and requested OAuth `scope`, which should appear in the URL of the login page. | 2. Your application then redirects the user to Linode's [login server](https://login.linode.com) with the client application's `client_id` and requested OAuth `scope`, which should appear in the URL of the login page. |\n| 3. The user logs into the login server with their username and password. | 3. The user logs into the login server with their username and password. |\n| 4. The login server redirects the user to the specificed redirect URL with a temporary authorization `code` (exchange code) in the URL. | 4. The login server redirects the user back to your application with an OAuth `access_token` embedded in the redirect URL's hash. This is temporary and expires in two hours. No `refresh_token` is issued. Therefore, once the `access_token` expires, a new one will need to be issued by having the user log in again. |\n| 5. The application issues a POST request (*see additional details below*) to the login server with the exchange code, `client_id`, and the client application's `client_secret`. | |\n| 6. The login server responds to the client application with a new OAuth `access_token` and `refresh_token`. The `access_token` is set to expire in two hours. | |\n| 7. The `refresh_token` can be used by contacting the login server with the `client_id`, `client_secret`, `grant_type`, and `refresh_token` to get a new OAuth `access_token` and `refresh_token`. The new `access_token` is good for another two hours, and the new `refresh_token` can be used to extend the session again by this same method (*see additional details below*). | |\n\n#### OAuth Private Workflow - Additional Details\n\nThe following information expands on steps 5 through 7 of the private workflow:\n\nOnce the user has logged into Linode and you have received an exchange code,\nyou will need to trade that exchange code for an `access_token` and `refresh_token`. You\ndo this by making an HTTP POST request to the following address:\n\n```\nhttps://login.linode.com/oauth/token\n```\n\nMake this request as `application/x-www-form-urlencoded` or as\n`multipart/form-data` and include the following parameters in the POST body:\n\n| PARAMETER | DESCRIPTION |\n|-----------|-------------|\n| client_id | Your app's client ID. |\n| client_secret | Your app's client secret. |\n| code | The code you just received from the redirect. |\n\nYou'll get a response like this:\n\n```json\n{\n \"scope\": \"linodes:read_write\",\n \"access_token\": \"03d084436a6c91fbafd5c4b20c82e5056a2e9ce1635920c30dc8d81dc7a6665c\",\n \"refresh_token\": \"f2ec9712e616fdb5a2a21aa0e88cfadea7502ebc62cf5bd758dbcd65e1803bad\",\n \"token_type\": \"bearer\",\n \"expires_in\": 7200\n}\n```\n\nIncluded in the response is an `access_token`. With this token, you can proceed to make\nauthenticated HTTP requests to the API by adding this header to each request:\n\n```\nAuthorization: Bearer 03d084436a6c91fbafd5c4b20c82e5056a2e9ce1635920c30dc8d81dc7a6665c\n```\n\nThis `access_token` is set to expire in two hours. To refresh access prior to expiration, make another request to the same URL with the following parameters in the POST body:\n\n| PARAMETER | DESCRIPTION |\n|-----------|-------------|\n| grant_type | The grant type you're using. Use \"refresh_token\" when refreshing access. |\n| client_id | Your app's client ID. |\n| client_secret | Your app's client secret. |\n| refresh_token | The `refresh_token` received from the previous response. |\n\nYou'll get another response with an updated `access_token` and `refresh_token`, which can then be used to refresh access again.\n\n#### OAuth Reference\n\n| Security Scheme Type | OAuth 2.0 |\n|-----------------------|--------|\n| **Authorization URL** | https://login.linode.com/oauth/authorize |\n| **Token URL** | https://login.linode.com/oauth/token |\n| **Scopes** |
|\n\n## Requests\n\nRequests must be made over HTTPS to ensure transactions are encrypted. The\nfollowing Request methods are supported:\n\n| METHOD | USAGE |\n|--------|-------|\n| GET | Retrieves data about collections and individual resources. |\n| POST | For collections, creates a new resource of that type. Also used to perform actions on action endpoints. |\n| PUT | Updates an existing resource. |\n| DELETE | Deletes a resource. This is a destructive action. |\n\n\n## Responses\n\nActions will return one following HTTP response status codes:\n\n| STATUS | DESCRIPTION |\n|---------|-------------|\n| 200 OK | The request was successful. |\n| 202 Accepted | The request was successful, but processing has not been completed. The response body includes a \"warnings\" array containing the details of incomplete processes. |\n| 204 No Content | The server successfully fulfilled the request and there is no additional content to send. |\n| 299 Deprecated | The request was successful, but involved a deprecated endpoint. The response body includes a \"warnings\" array containing warning messages. |\n| 400 Bad Request | You submitted an invalid request (missing parameters, etc.). |\n| 401 Unauthorized | You failed to authenticate for this resource. |\n| 403 Forbidden | You are authenticated, but don't have permission to do this. |\n| 404 Not Found | The resource you're requesting does not exist. |\n| 429 Too Many Requests | You've hit a rate limit. |\n| 500 Internal Server Error | Please [open a Support Ticket](/docs/api/support/#support-ticket-open). |\n\n## Errors\n\nSuccess is indicated via Standard HTTP status codes.\n`2xx` codes indicate success, `4xx` codes indicate a request error, and\n`5xx` errors indicate a server error. A\nrequest error might be an invalid input, a required parameter being omitted,\nor a malformed request. A server error means something went wrong processing\nyour request. If this occurs, please\n[open a Support Ticket](/docs/api/support/#support-ticket-open)\nand let us know. Though errors are logged and we work quickly to resolve issues,\nopening a ticket and providing us with reproducable steps and data is always helpful.\n\nThe `errors` field is an array of the things that went wrong with your request.\nWe will try to include as many of the problems in the response as possible,\nbut it's conceivable that fixing these errors and resubmitting may result in\nnew errors coming back once we are able to get further along in the process\nof handling your request.\n\n\nWithin each error object, the `field` parameter will be included if the error\npertains to a specific field in the JSON you've submitted. This will be\nomitted if there is no relevant field. The `reason` is a human-readable\nexplanation of the error, and will always be included.\n\n## Pagination\n\nResource lists are always paginated. The response will look similar to this:\n\n```json\n{\n \"data\": [ ... ],\n \"page\": 1,\n \"pages\": 3,\n \"results\": 300\n}\n```\n\n* Pages start at 1. You may retrieve a specific page of results by adding\n`?page=x` to your URL (for example, `?page=4`). If the value of `page`\nexceeds `2^64/page_size`, the last possible page will be returned.\n\n\n* Page sizes default to 100,\nand can be set to return between 25 and 500. Page size can be set using\n`?page_size=x`.\n\n## Filtering and Sorting\n\nCollections are searchable by fields they include, marked in the spec as\n`x-linode-filterable: true`. Filters are passed\nin the `X-Filter` header and are formatted as JSON objects. Here is a request\ncall for Linode Types in our \"standard\" class:\n\n```Shell\ncurl \"https://api.linode.com/v4/linode/types\" \\\n -H 'X-Filter: { \"class\": \"standard\" }'\n```\n\nThe filter object's keys are the keys of the object you're filtering,\nand the values are accepted values. You can add multiple filters by\nincluding more than one key. For example, filtering for \"standard\" Linode\nTypes that offer one vcpu:\n\n```Shell\n curl \"https://api.linode.com/v4/linode/types\" \\\n -H 'X-Filter: { \"class\": \"standard\", \"vcpus\": 1 }'\n```\n\nIn the above example, both filters are combined with an \"and\" operation.\nHowever, if you wanted either Types with one vcpu or Types in our \"standard\"\nclass, you can add an operator:\n\n ```Shell\ncurl \"https://api.linode.com/v4/linode/types\" \\\n -H 'X-Filter: { \"+or\": [ { \"vcpus\": 1 }, { \"class\": \"standard\" } ] }'\n```\n\nEach filter in the `+or` array is its own filter object, and all conditions\nin it are combined with an \"and\" operation as they were in the previous example.\n\nOther operators are also available. Operators are keys of a Filter JSON\nobject. Their value must be of the appropriate type, and they are evaluated\nas described below:\n\n| OPERATOR | TYPE | DESCRIPTION |\n|----------|--------|-----------------------------------|\n| +and | array | All conditions must be true. |\n| +or | array | One condition must be true. |\n| +gt | number | Value must be greater than number. |\n| +gte | number | Value must be greater than or equal to number. |\n| +lt | number | Value must be less than number. |\n| +lte | number | Value must be less than or equal to number. |\n| +contains | string | Given string must be in the value. |\n| +neq | string | Does not equal the value. |\n| +order_by | string | Attribute to order the results by - must be filterable. |\n| +order | string | Either \"asc\" or \"desc\". Defaults to \"asc\". Requires `+order_by`. |\n\nFor example, filtering for [Linode Types](/docs/api/linode-types/)\nthat offer memory equal to or higher than 61440:\n\n```Shell\ncurl \"https://api.linode.com/v4/linode/types\" \\\n -H '\n X-Filter: {\n \"memory\": {\n \"+gte\": 61440\n }\n }'\n```\n\nYou can combine and nest operators to construct arbitrarily-complex queries.\nFor example, give me all [Linode Types](/docs/api/linode-types/)\nwhich are either `standard` or `highmem` class, or\nhave between 12 and 20 vcpus:\n\n```Shell\ncurl \"https://api.linode.com/v4/linode/types\" \\\n -H '\n X-Filter: {\n \"+or\": [\n {\n \"+or\": [\n {\n \"class\": \"standard\"\n },\n {\n \"class\": \"highmem\"\n }\n ]\n },\n {\n \"+and\": [\n {\n \"vcpus\": {\n \"+gte\": 12\n }\n },\n {\n \"vcpus\": {\n \"+lte\": 20\n }\n }\n ]\n }\n ]\n }'\n```\n## Time Values\n\nAll times returned by the API are in UTC, regardless of the timezone configured within your user's profile (see `timezone` property within [Profile View](/docs/api/profile/#profile-view__responses)).\n\n## Rate Limiting\n\nRate limits on API requests help maintain the health and stability of the Linode API. Accordingly, every endpoint of the Linode API applies a rate limit on a per user basis as determined by OAuth token for authenticated requests or IP address for public endpoints.\n\nEach rate limit consists of a total number of requests and a time window. For example, if an endpoint has a rate limit of 800 requests per minute, then up to 800 requests over a one minute window are permitted. Subsequent requests to an endpoint after hitting a rate limit return a 429 error. You can successfully remake requests to that endpoint after the rate limit window resets.\n\n### Linode APIv4 Rate Limits\n\nWith the Linode API, you can generally make up to 1,600 general API requests every two minutes. Additionally, all endpoints have a rate limit of 800 requests per minute unless otherwise specified below.\n\n**Note:** There may be rate limiting applied at other levels outside of the API, for example, at the load balancer.\n\nCreating Linodes has a dedicated rate limit of 10 requests per 30 seconds. That endpoint is:\n\n* [Linode Create](/docs/api/linode-instances/#linode-create)\n\n`/stats` endpoints have their own dedicated rate limits of 100 requests per minute. These endpoints are:\n\n* [View Linode Statistics](/docs/api/linode-instances/#linode-statistics-view)\n* [View Linode Statistics (year/month)](/docs/api/linode-instances/#statistics-yearmonth-view)\n* [View NodeBalancer Statistics](/docs/api/nodebalancers/#nodebalancer-statistics-view)\n* [List Managed Stats](/docs/api/managed/#managed-stats-list)\n\nObject Storage endpoints have a dedicated rate limit of 750 requests per second. The Object Storage endpoints are:\n\n* [Object Storage Endpoints](/docs/api/object-storage/)\n\nOpening Support Tickets has a dedicated rate limit of 2 requests per minute. That endpoint is:\n\n* [Open Support Ticket](/docs/api/support/#support-ticket-open)\n\nAccepting Service Transfers has a dedicated rate limit of 2 requests per minute. That endpoint is:\n\n* [Service Transfer Accept](/docs/api/account/#service-transfer-accept)\n\n### Rate Limit HTTP Response Headers\n\nThe Linode API includes the following HTTP response headers which are designed to help you avoid hitting rate limits that might disrupt your applications:\n\n* **X-RateLimit-Limit**: The maximum number of permitted requests during the rate limit window for this endpoint.\n* **X-RateLimit-Remaining**: The remaining number of permitted requests in the current rate limit window.\n* **X-RateLimit-Reset**: The time when the current rate limit window rests in UTC epoch seconds.\n* **Retry-After**: The remaining time in seconds until the current rate limit window resets.\n\nThere are many ways to access header information for your requests, depending on how you are accessing the Linode API. For example, to view HTTP response headers when making requests with `curl`, use the `-i` or `--include` option as follows:\n\n```Shell\ncurl -i https://api.linode.com/v4/regions\n```\n\n## CLI (Command Line Interface)\n\nThe Linode CLI allows you to easily\nwork with the API using intuitive and simple syntax. It requires a\n[Personal Access Token](/docs/api/#personal-access-token)\nfor authentication, and gives you access to all of the features and functionality\nof the Linode API that are documented here with CLI examples.\n\nEndpoints that do not have CLI examples are currently unavailable through the CLI, but\ncan be accessed via other methods such as Shell commands and other third-party applications.\n", "title": "Linode API", "version": "4.145.0", "x-apisguru-categories": [ "cloud" ], "x-origin": [ { "converter": { "url": "https://github.com/mermade/oas-kit", "version": "7.0.4" }, "format": "openapi", "url": "https://www.linode.com/docs/api/openapi.yaml", "version": "3.0" } ], "x-providerName": "linode.com", "x-logo": { "url": "https://api.apis.guru/v2/cache/logo/https_apis.guru_assets_images_no-logo.svg" } }, "updated": "2023-03-06T09:58:04.581Z", "swaggerUrl": "https://api.apis.guru/v2/specs/linode.com/4.145.0/openapi.json", "swaggerYamlUrl": "https://api.apis.guru/v2/specs/linode.com/4.145.0/openapi.yaml", "openapiVer": "3.0.1", "link": "https://api.apis.guru/v2/specs/linode.com/4.145.0.json" }