> ## Documentation Index
> Fetch the complete documentation index at: https://docs.prowler.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Linode Authentication in Prowler

export const VersionBadge = ({version}) => {
  return <a href={`https://github.com/prowler-cloud/prowler/releases/tag/${version}`} target="_blank" rel="noopener noreferrer" className="version-badge-link">
            <span className="version-badge-container">
                <span className="version-badge">
                    <span className="version-badge-label">Added in:</span> 
                    <span className="version-badge-version">{version}</span>
                </span>
            </span>
        </a>;
};

<VersionBadge version="5.31.0" />

Prowler for Linode uses a **Personal Access Token** (PAT) for authentication. Prowler reads the token **exclusively** from the `LINODE_TOKEN` environment variable, so the secret is never exposed in shell history or process listings. There are no credential CLI flags.

## Required Permissions

Prowler requires read-only access to your Linode account. The following OAuth scopes are needed on the Personal Access Token:

| Scope      | Access      | Description                                         |
| ---------- | ----------- | --------------------------------------------------- |
| `account`  | `Read Only` | Required to list users and verify account identity  |
| `linodes`  | `Read Only` | Required to list instances and their configurations |
| `firewall` | `Read Only` | Required to list firewalls and their rules          |

<Warning>
  Ensure the token has all required scopes. Missing permissions will cause some checks to fail or return incomplete results.
</Warning>

***

## Personal Access Token

### Step 1: Create a Personal Access Token

1. Log into the [Linode Cloud Manager](https://cloud.linode.com).
2. Click your username in the top-right corner, then select **API Tokens** under the "My Profile" section.
3. Click **Create a Personal Access Token**.
4. Configure the token:
   * **Label:** A descriptive name (e.g., "Prowler Security Scanner")
   * **Expiry:** Set an appropriate expiration (e.g., 6 months)
   * **Permissions:** Set the following scopes to **Read Only**:
     * Account
     * Linodes
     * Firewall
   * All other scopes can be set to **No Access**
5. Click **Create Token**.
6. Copy the token immediately — it will not be shown again.

### Step 2: Configure Authentication

Set the `LINODE_TOKEN` environment variable:

```bash theme={null}
export LINODE_TOKEN="your-personal-access-token"
```

Then run Prowler:

```bash theme={null}
prowler linode
```

***

## Verifying Authentication

To verify that Prowler can connect to your Linode account, run:

```bash theme={null}
prowler linode --list-checks
```

If authentication succeeds, you will see a list of available checks. If it fails, Prowler will display an error message indicating the credentials issue.

***

## CI/CD Integration

For automated pipelines, set the token as a secret environment variable:

**GitHub Actions:**

```yaml theme={null}
env:
  LINODE_TOKEN: ${{ secrets.LINODE_TOKEN }}

steps:
  - name: Run Prowler
    run: prowler linode
```

**GitLab CI:**

```yaml theme={null}
variables:
  LINODE_TOKEN: $LINODE_TOKEN

prowler_scan:
  script:
    - prowler linode
```
