# Admin Domains Allow List

Administrative endpoints for managing domain allowlists. When domain allowlisting is enabled, only domains in this list can federate with the instance. Write operations require Federation.Manage permission; read operations require Federation.Read or Federation.Manage permission.

## List allowed domains

 - [GET /api/v1/admin/domain-allow](https://docs.wellesley.social/openapi/admin-domains-allow-list/paths/~1api~1v1~1admin~1domain-allow/get.md): Retrieves a paginated list of all domains in the federation allowlist. This list determines which external instances can federate with this server when allowlisting is enabled.

RBAC:
- requires ANY of Federation.Read, Federation.Manage

## Add domain to allowlist

 - [POST /api/v1/admin/domain-allow](https://docs.wellesley.social/openapi/admin-domains-allow-list/paths/~1api~1v1~1admin~1domain-allow/post.md): Adds a domain to the federation allowlist. When domain allowlisting is enabled, only domains in this list can federate with the instance. Cannot add the instance's own domain.

RBAC: requires Federation.Manage

## Remove domain from allowlist

 - [DELETE /api/v1/admin/domain-allow/{domain}](https://docs.wellesley.social/openapi/admin-domains-allow-list/paths/~1api~1v1~1admin~1domain-allow~1%7Bdomain%7D/delete.md): Removes a domain from the federation allowlist. This will trigger background jobs to unfederate with the domain and clean up any existing connections.

RBAC: requires Federation.Manage

