Return One Access List Entry for One Organization API Key

GET /api/atlas/v1.0/orgs/{orgId}/apiKeys/{apiUserId}/accessList/{ipAddress}

Returns one access list entry for the specified organization API key. Resources require all API requests originate from IP addresses on the API access list.

Role requirements

Organization Member

Configure Atlas API Access

Path parameters

orgId string Required

Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the /orgs endpoint to retrieve all organizations to which the authenticated user has access.

Format should match the following pattern: ^([a-f0-9]{24})$.
ipAddress string Required

One IP address or multiple IP addresses represented as one CIDR block to limit requests to API resources in the specified organization. When adding a CIDR block with a subnet mask, such as 192.0.2.0/24, use the URL-encoded value %2F for the forward slash /.

Format should match the following pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}(%2[fF][0-9]{1,3})?|([0-9a-f]{1,4}\:){7}[0-9a-f]{1,4}(%2[fF][0-9]{1,3})?|([0-9a-f]{1,4}\:){1,6}\:(%2[fF][0-9]{1,3})?$.
apiUserId string Required

Unique 24-hexadecimal digit string that identifies this organization API key for which you want to return access list entries.

Format should match the following pattern: ^([a-f0-9]{24})$.

Query parameters

envelope boolean

Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.

Default value is false.
pretty boolean

Flag that indicates whether the response body should be in the prettyprint format.

Default value is false.

Prettyprint

Responses

200 application/json

OK
Hide response attributes Show response attributes object
- cidrBlock string
  
  Range of IP addresses in Classless Inter-Domain Routing (CIDR) notation in the access list for the API key.
  
  Format should match the following pattern: ^((([0-9]{1,3}\.){3}[0-9]{1,3})|(:{0,2}([0-9a-f]{1,4}:){0,7}[0-9a-f]{1,4}[:]{0,2}))((%2[fF]|/)[0-9]{1,3})+$.
- count integer(int32)
  
  Total number of requests that have originated from the Internet Protocol (IP) address given as the value of the lastUsedAddress parameter.
  
  Minimum value is 1.
- created string(date-time)
  
  Date and time when someone added the network addresses to the specified API access list. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- ipAddress string
  
  Network address in the access list for the API key.
  
  Format should match the following pattern: ^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)(\.(?!$)|$)){4}|([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}$.
- lastUsed string(date-time)
  
  Date and time when MongoDB Cloud received the most recent request that originated from this Internet Protocol version 4 or version 6 address. The resource returns this parameter when at least one request has originated from this IP address. MongoDB Cloud updates this parameter each time a client accesses the permitted resource. This parameter expresses its value in the ISO 8601 timestamp format in UTC.
- lastUsedAddress string
  
  Network address that issued the most recent request to the API. This parameter requires the address to be expressed as one Internet Protocol version 4 or version 6 address. The resource returns this parameter after this IP address made at least one request.
- links array[object]
  
  List of one or more Uniform Resource Locators (URLs) that point to API sub-resources, related API resources, or both. RFC 5988 outlines these relationships.
  
  Web Linking Specification (RFC...
  
  Hide links attributes Show links attributes object
  
  href string
  
  Uniform Resource Locator (URL) that points another API resource to which this response has some relationship. This URL often begins with https://cloud.mongodb.com/api/atlas.
  
  rel string
  
  Uniform Resource Locator (URL) that defines the semantic relationship between this resource and another API resource. This URL often begins with https://cloud.mongodb.com/api/atlas.
401 application/json

Unauthorized.
Hide response attributes Show response attributes object
- badRequestDetail object
  
  Bad request detail.
  
  Hide badRequestDetail attribute Show badRequestDetail attribute object
  
  fields array[object]
  
  Describes all violations in a client request.
  
  Hide fields attributes Show fields attributes object
  
  description string Required
  
  A description of why the request element is bad.
  
  field string Required
  
  A path that leads to a field in the request body.
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32) Required
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string Required
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.
403 application/json

Forbidden.
Hide response attributes Show response attributes object
- badRequestDetail object
  
  Bad request detail.
  
  Hide badRequestDetail attribute Show badRequestDetail attribute object
  
  fields array[object]
  
  Describes all violations in a client request.
  
  Hide fields attributes Show fields attributes object
  
  description string Required
  
  A description of why the request element is bad.
  
  field string Required
  
  A path that leads to a field in the request body.
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32) Required
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string Required
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.
404 application/json

Not Found.
Hide response attributes Show response attributes object
- badRequestDetail object
  
  Bad request detail.
  
  Hide badRequestDetail attribute Show badRequestDetail attribute object
  
  fields array[object]
  
  Describes all violations in a client request.
  
  Hide fields attributes Show fields attributes object
  
  description string Required
  
  A description of why the request element is bad.
  
  field string Required
  
  A path that leads to a field in the request body.
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32) Required
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string Required
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.
500 application/json

Internal Server Error.
Hide response attributes Show response attributes object
- badRequestDetail object
  
  Bad request detail.
  
  Hide badRequestDetail attribute Show badRequestDetail attribute object
  
  fields array[object]
  
  Describes all violations in a client request.
  
  Hide fields attributes Show fields attributes object
  
  description string Required
  
  A description of why the request element is bad.
  
  field string Required
  
  A path that leads to a field in the request body.
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32) Required
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string Required
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.

GET /api/atlas/v1.0/orgs/{orgId}/apiKeys/{apiUserId}/accessList/{ipAddress}

curl \
 --request GET 'https://cloud.mongodb.com/api/atlas/v1.0/orgs/4888442a3354817a7320eb61/apiKeys/{apiUserId}/accessList/192.0.2.0%2F24' \
 --header "Authorization: Bearer $ACCESS_TOKEN"

Response examples (200)

{
  "cidrBlock": "203.0.113.0/24",
  "count": 42,
  "created": "2026-05-04T09:42:00Z",
  "ipAddress": "203.0.113.10",
  "lastUsed": "2026-05-04T09:42:00Z",
  "lastUsedAddress": "203.0.113.10",
  "links": [
    {
      "href": "https://cloud.mongodb.com/api/atlas",
      "rel": "self"
    }
  ]
}

Response examples (401)

{
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "error": 401,
  "errorCode": "NOT_ORG_GROUP_CREATOR",
  "reason": "Unauthorized"
}

Response examples (403)

{
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "error": 403,
  "errorCode": "CANNOT_CHANGE_GROUP_NAME",
  "reason": "Forbidden"
}

Response examples (404)

{
  "detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
  "error": 404,
  "errorCode": "RESOURCE_NOT_FOUND",
  "reason": "Not Found"
}

Response examples (500)

{
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "error": 500,
  "errorCode": "UNEXPECTED_ERROR",
  "reason": "Internal Server Error"
}