Permission

Download schema

Manage permissions for sub-accounts to access resources owned by the main account.

List permissions

GET

https://api.upcloud.com

/1.3/permission

Retrieves a list of permissions for sub-accounts to access resources owned by the main account.

List permissions › Responses

A list of permissions.

List of permissions.

permissions

object · required

Replace permissions

PUT

https://api.upcloud.com

/1.3/permission

Replaces the entire set of permissions for sub-accounts to access resources owned by the main account.

Replace permissions › Request Body

A single permission object.

permission

permissionDocument

Permission document defining access rights for a sub-account to a specific resource.

Replace permissions › Responses

The updated list of permissions.

List of permissions.

permissions

object · required

PUT/1.3/permission

curl https://api.upcloud.com/1.3/permission \
  --request PUT \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Bearer <token>' \
  --data '{
  "permission": {
    "options": {
      "storage": "yes"
    },
    "target_identifier": "00e1d79f-d2d8-40ca-a68d-812655b34766",
    "target_type": "server",
    "user": "test"
  }
}'

Example Request Body

{
  "permission": {
    "options": {
      "storage": "yes"
    },
    "target_identifier": "00e1d79f-d2d8-40ca-a68d-812655b34766",
    "target_type": "server",
    "user": "test"
  }
}

json

Example Responses

{
  "permissions": {
    "permission": [
      {
        "user": "subaccount1",
        "target_type": "server",
        "target_identifier": "00e1d79f-d2d8-40ca-a68d-812655b34766",
        "options": {
          "storage": "yes"
        }
      },
      {
        "user": "subaccount2",
        "target_type": "storage",
        "target_identifier": "01f6d5e3-c3b2-41ba-912a-723ab2c12345"
      }
    ]
  }
}

json

application/json

Grant permission

POST

https://api.upcloud.com

/1.3/permission/grant

Grants a permission for a sub-account to access a resource owned by the main account.

Grant permission › query Parameters

skip_target_check

boolean

If true, skips the check whether the target resource exists. Default is false.

Grant permission › Request Body

A single permission object.

permission

permissionDocument

Permission document defining access rights for a sub-account to a specific resource.

Grant permission › Responses

The granted permission.

A single permission object.

permission

permissionDocument

Permission document defining access rights for a sub-account to a specific resource.

POST/1.3/permission/grant

curl https://api.upcloud.com/1.3/permission/grant \
  --request POST \
  --header 'Content-Type: application/json' \
  --header 'Authorization: Bearer <token>' \
  --data '{
  "permission": {
    "options": {
      "storage": "yes"
    },
    "target_identifier": "00e1d79f-d2d8-40ca-a68d-812655b34766",
    "target_type": "server",
    "user": "test"
  }
}'

Example Request Body

{
  "permission": {
    "options": {
      "storage": "yes"
    },
    "target_identifier": "00e1d79f-d2d8-40ca-a68d-812655b34766",
    "target_type": "server",
    "user": "test"
  }
}

json

Example Responses

{
  "permission": {
    "options": {
      "storage": "yes"
    },
    "target_identifier": "00e1d79f-d2d8-40ca-a68d-812655b34766",
    "target_type": "server",
    "user": "test"
  }
}

json

application/json

Revoke permission

POST

https://api.upcloud.com

/1.3/permission/revoke

Revokes a permission for a sub-account to access a resource owned by the main account.

Revoke permission › Request Body

A single permission object.

permission

permissionDocument

Permission document defining access rights for a sub-account to a specific resource.

Revoke permission › Responses

Permission successfully revoked. No content in response body.

No data returned

Revoke all permissions by target

POST

https://api.upcloud.com

/1.3/permission/revoke-all-from-target/{target_type}/{target_identifier}

Revokes all permissions for sub-accounts to access a specific resource owned by the main account.

Revoke all permissions by target › path Parameters

target_type

string · required

The type of the target resource (e.g., "server", "storage").

target_identifier

string · required

The identifier of the target resource.

Revoke all permissions by target › query Parameters

main_account_id

integer · min: 1

If specified, revokes permissions for resources owned by the specified main account ID. Default is the current main account.

Revoke all permissions by target › Responses

All permissions for the specified target successfully revoked. No content in response body.

No data returned

Revoke all permissions by user

POST

https://api.upcloud.com

/1.3/permission/revoke-all-from-user/{user}

Revokes all permissions for a specific sub-account to access any resources owned by the main account.

Revoke all permissions by user › path Parameters

user

string · required

The username of the sub-account.

Revoke all permissions by user › Responses

All permissions for the specified user successfully revoked. No content in response body.

No data returned

Account Tokens Tag

Replace permissions

PUT

https://api.upcloud.com

/1.3/permission

Replaces the entire set of permissions for sub-accounts to access resources owned by the main account.

Replace permissions › Request Body

A single permission object.

permission

permissionDocument

Permission document defining access rights for a sub-account to a specific resource.

Replace permissions › Responses

The updated list of permissions.

List of permissions.

permissions

object · required

Grant permission

POST

https://api.upcloud.com

/1.3/permission/grant

Grants a permission for a sub-account to access a resource owned by the main account.

Grant permission › query Parameters

skip_target_check

boolean

If true, skips the check whether the target resource exists. Default is false.

Grant permission › Request Body

A single permission object.

permission

permissionDocument

Permission document defining access rights for a sub-account to a specific resource.

Grant permission › Responses

The granted permission.

A single permission object.

permission

permissionDocument

Permission document defining access rights for a sub-account to a specific resource.

Revoke permission

POST

https://api.upcloud.com

/1.3/permission/revoke

Revokes a permission for a sub-account to access a resource owned by the main account.

Revoke permission › Request Body

A single permission object.

permission

permissionDocument

Permission document defining access rights for a sub-account to a specific resource.

Revoke permission › Responses

Permission successfully revoked. No content in response body.

No data returned

Revoke all permissions by target

POST

https://api.upcloud.com

/1.3/permission/revoke-all-from-target/{target_type}/{target_identifier}

Revokes all permissions for sub-accounts to access a specific resource owned by the main account.

Revoke all permissions by target › path Parameters

target_type

string · required

The type of the target resource (e.g., "server", "storage").

target_identifier

string · required

The identifier of the target resource.

Revoke all permissions by target › query Parameters

main_account_id

integer · min: 1

If specified, revokes permissions for resources owned by the specified main account ID. Default is the current main account.

Revoke all permissions by target › Responses

All permissions for the specified target successfully revoked. No content in response body.

No data returned

Revoke all permissions by user

POST

https://api.upcloud.com

/1.3/permission/revoke-all-from-user/{user}

Revokes all permissions for a specific sub-account to access any resources owned by the main account.

Revoke all permissions by user › path Parameters

user

string · required

The username of the sub-account.

Revoke all permissions by user › Responses

All permissions for the specified user successfully revoked. No content in response body.

No data returned