---
title: Authorizations (v1-compatible)
description: Manage v1-compatible legacy authorization credentials in InfluxDB OSS v2.
url: https://docs.influxdata.com/influxdb/v2/api/authorizations-v1-compatible/
estimated_tokens: 2343
product: InfluxDB OSS v2
version: v2
publisher: InfluxData
canonical: https://docs.influxdata.com/influxdb/v2/api/authorizations-v1-compatible/
---

[Download InfluxDB API Spec](/openapi/influxdb-oss-v2-api.yml)

Manage v1-compatible legacy authorization credentials in InfluxDB OSS v2.

GET`/legacy/authorizations`

### List all legacy authorizations

#### Parameters

##### Query parameters

`userID`string

A user ID.
Only returns legacy authorizations scoped to the specified [user](/influxdb/v2/reference/glossary/#user).

`user`string

A user name.
Only returns legacy authorizations scoped to the specified [user](/influxdb/v2/reference/glossary/#user).

`orgID`string

An organization ID.
Only returns legacy authorizations that belong to the specified [organization](/influxdb/v2/reference/glossary/#organization).

`org`string

An organization name.
Only returns legacy authorizations that belong to the specified [organization](/influxdb/v2/reference/glossary/#organization).

`token`string

An authorization name token.
Only returns legacy authorizations with the specified name.

`authID`string

An authorization ID.
Returns the specified legacy authorization.

##### Header parameters

`Zap-Trace-Span`string

OpenTracing span context

Example request[Ask AI about this](#)

```sh
curl --request GET \
  "http://localhost:8086/legacy/authorizations" \
  --header "Authorization: Bearer INFLUX_TOKEN"
```

#### Responses

200Success. The response body contains a list of legacy `authorizations`.

`authorizations`object[]

`links`string

defaultNon 2XX error response from server.

`code`requiredstring

code is the machine-readable error code.

Allowed:`internal error`, `not implemented`, `not found`, `conflict`, `invalid`, `unprocessable entity`, `empty value`, `unavailable`, `forbidden`, `too many requests`, `unauthorized`, `method not allowed`, `request too large`, `unsupported media type`

`err`string

Stack of errors that occurred during processing of the request. Useful for debugging.

`message`string

Human-readable message.

`op`string

Describes the logical code operation when the error occurred. Useful for debugging.

POST`/legacy/authorizations`

### Create a legacy authorization

Creates a legacy authorization and returns the legacy authorization.

#### Required permissions

* `write-users USER_ID` if you pass the `userID` property in the request body.

*`USER_ID`* is the ID of the user that you want to scope the authorization to.

#### Parameters

##### Header parameters

`Zap-Trace-Span`string

OpenTracing span context

#### Request bodyrequired

The legacy authorization to create.

Content-Type:`application/json`

Example request[Ask AI about this](#)

```sh
curl --request POST \
  "http://localhost:8086/legacy/authorizations" \
  --header "Authorization: Bearer INFLUX_TOKEN" \
  --header "Content-Type: application/json"
```

#### Responses

201Created. The legacy authorization is created.
The response body contains the newly created legacy authorization.

400Non 2XX error response from server.

`code`requiredstring

code is the machine-readable error code.

Allowed:`internal error`, `not implemented`, `not found`, `conflict`, `invalid`, `unprocessable entity`, `empty value`, `unavailable`, `forbidden`, `too many requests`, `unauthorized`, `method not allowed`, `request too large`, `unsupported media type`

`err`string

Stack of errors that occurred during processing of the request. Useful for debugging.

`message`string

Human-readable message.

`op`string

Describes the logical code operation when the error occurred. Useful for debugging.

401Unauthorized.
The API token passed doesn’t have the permissions necessary for the
request.

`code`string

The HTTP status code description. Default is `unauthorized`.

Allowed:`unauthorized`

`message`string

A human-readable message that may contain detail about the error.

defaultNon 2XX error response from server.

`code`requiredstring

code is the machine-readable error code.

Allowed:`internal error`, `not implemented`, `not found`, `conflict`, `invalid`, `unprocessable entity`, `empty value`, `unavailable`, `forbidden`, `too many requests`, `unauthorized`, `method not allowed`, `request too large`, `unsupported media type`

`err`string

Stack of errors that occurred during processing of the request. Useful for debugging.

`message`string

Human-readable message.

`op`string

Describes the logical code operation when the error occurred. Useful for debugging.

GET`/legacy/authorizations/{authID}`

### Retrieve a legacy authorization

#### Parameters

##### Path parameters

`authID`requiredstring

The ID of the legacy authorization to get.

##### Header parameters

`Zap-Trace-Span`string

OpenTracing span context

Example request[Ask AI about this](#)

```sh
curl --request GET \
  "http://localhost:8086/legacy/authorizations/{authID}" \
  --header "Authorization: Bearer INFLUX_TOKEN"
```

#### Responses

200Legacy authorization details

defaultNon 2XX error response from server.

`code`requiredstring

code is the machine-readable error code.

Allowed:`internal error`, `not implemented`, `not found`, `conflict`, `invalid`, `unprocessable entity`, `empty value`, `unavailable`, `forbidden`, `too many requests`, `unauthorized`, `method not allowed`, `request too large`, `unsupported media type`

`err`string

Stack of errors that occurred during processing of the request. Useful for debugging.

`message`string

Human-readable message.

`op`string

Describes the logical code operation when the error occurred. Useful for debugging.

PATCH`/legacy/authorizations/{authID}`

### Update a legacy authorization to be active or inactive

#### Parameters

##### Path parameters

`authID`requiredstring

The ID of the legacy authorization to update.

##### Header parameters

`Zap-Trace-Span`string

OpenTracing span context

#### Request bodyrequired

Legacy authorization to update

Content-Type:`application/json`

`description`string

A description of the token.

`status`string

Status of the token. If `inactive`, InfluxDB rejects requests that use the token.

Allowed:`active`, `inactive`

Default:`active`

Example request[Ask AI about this](#)

```sh
curl --request PATCH \
  "http://localhost:8086/legacy/authorizations/{authID}" \
  --header "Authorization: Bearer INFLUX_TOKEN" \
  --header "Content-Type: application/json" \
  --data-raw '{
  "description": "DESCRIPTION",
  "status": "active"
}'
```

#### Responses

200The active or inactive legacy authorization

defaultNon 2XX error response from server.

`code`requiredstring

code is the machine-readable error code.

Allowed:`internal error`, `not implemented`, `not found`, `conflict`, `invalid`, `unprocessable entity`, `empty value`, `unavailable`, `forbidden`, `too many requests`, `unauthorized`, `method not allowed`, `request too large`, `unsupported media type`

`err`string

Stack of errors that occurred during processing of the request. Useful for debugging.

`message`string

Human-readable message.

`op`string

Describes the logical code operation when the error occurred. Useful for debugging.

DELETE`/legacy/authorizations/{authID}`

### Delete a legacy authorization

#### Parameters

##### Path parameters

`authID`requiredstring

The ID of the legacy authorization to delete.

##### Header parameters

`Zap-Trace-Span`string

OpenTracing span context

Example request[Ask AI about this](#)

```sh
curl --request DELETE \
  "http://localhost:8086/legacy/authorizations/{authID}" \
  --header "Authorization: Bearer INFLUX_TOKEN"
```

#### Responses

204Legacy authorization deleted

defaultNon 2XX error response from server.

`code`requiredstring

code is the machine-readable error code.

Allowed:`internal error`, `not implemented`, `not found`, `conflict`, `invalid`, `unprocessable entity`, `empty value`, `unavailable`, `forbidden`, `too many requests`, `unauthorized`, `method not allowed`, `request too large`, `unsupported media type`

`err`string

Stack of errors that occurred during processing of the request. Useful for debugging.

`message`string

Human-readable message.

`op`string

Describes the logical code operation when the error occurred. Useful for debugging.

POST`/legacy/authorizations/{authID}/password`

### Set a legacy authorization password

#### Parameters

##### Path parameters

`authID`requiredstring

The ID of the legacy authorization to update.

##### Header parameters

`Zap-Trace-Span`string

OpenTracing span context

#### Request bodyrequired

New password

Content-Type:`application/json`

`password`requiredstring

Example request[Ask AI about this](#)

```sh
curl --request POST \
  "http://localhost:8086/legacy/authorizations/{authID}/password" \
  --header "Authorization: Bearer INFLUX_TOKEN" \
  --header "Content-Type: application/json" \
  --data-raw '{
  "password": "PASSWORD"
}'
```

#### Responses

204Legacy authorization password set

defaultNon 2XX error response from server.

`code`requiredstring

code is the machine-readable error code.

Allowed:`internal error`, `not implemented`, `not found`, `conflict`, `invalid`, `unprocessable entity`, `empty value`, `unavailable`, `forbidden`, `too many requests`, `unauthorized`, `method not allowed`, `request too large`, `unsupported media type`

`err`string

Stack of errors that occurred during processing of the request. Useful for debugging.

`message`string

Human-readable message.

`op`string

Describes the logical code operation when the error occurred. Useful for debugging.