Manage API Tokens in cPanel

This element (ia-generated) isn't supported, or may require an update to be displayed. You can try to refresh the app.

Overview

Important
This functionality is experimental. It may change in future versions.
The Unrestricted application programming interface (API) tokens can access API functions that do not have an associated feature.
This feature lets you create, list, update, and revoke API tokens. The server recognizes API tokens and allows you to run API functions. API functions allow you to view and change account data without the need to log in to the cPanel interface. You can issue API tokens to allow others to run API functions with your account’s data. For example, you could issue an API token to a reseller. The reseller could use that token to check disk usage.
Note
API tokens run  UAPI  functions and  cPanel API 2  functions, not  cPanel API 1  functions.
Use API tokens to run API functions from the command line. For more information, read our  How to Use cPanel API Tokens  documentation.
For more information about using API functions, read our  Quickstart Development Guide  documentation.

Create an API token

To create an API token, perform the following steps:
    .1Click Create. The Create API Token interface will appear.
    .2Enter a unique name in the API Token Name text box.
Note
An API token name can only contain up to 50 characters.
You can only enter letters (a - z and A - Z), numbers (0 - 9), dashes ( - ), and underscores ( _ ).
    .3Select one of the following options from the Should the API Token Expire? section:
  • The API Token will not expire. — This will create a token that does not have an expiration date.
  • Specify an expiration date. — This allows you to create a token that expires on a specific date. By default, tokens expire one year from the current date. When you select this option, the interface displays the API Token Expiration Date section. Use the the calendar icon () to open a calendar to select a desired expiration date. You can also enter a custom date in the calendar text box, in YYYY-MM-DD format. The token will expire on the date you select at 23:59:59, server time.
Important
You cannot edit an API token expiration date after creation.
When an API token expires, the system will not remove it. You must  manually delete  an API token.
    .4Click Create. A new interface will appear.
  • To copy the API token, click Copy. Think of this token like a password. You must enter this token each time that you use it.
WarningYou cannot access the token after you navigate away from the interface. If you forget or misplace this token, you must revoke the token and then create a new one.
    .5Click Yes, I Saved My Token.
  • To create a new token, select Create another token after I click Yes, I saved my token checkbox.
  • To return to the List API Tokens interface, deselect the Create another token after I click Yes, I saved my token checkbox.

The API tokens table

This table displays all of your API tokens. You can perform the following functions:
  • To display more API tokens per page, click the gear icon (
) and then select a number.
To revoke multiple tokens:
    .aSelect the checkboxes for each token to revoke. Select the checkbox at the top of the table to select every token.
    .bClick Revoke. A confirmation message will appear.
    .cClick Revoke Selected API Tokens.
The API tokens table contains the following information:
  • Token Name — The API token’s name.
  • Created — The date and time that you created the API token.
  • Expires — If an API token expires, the date and time on which the token will expire:
  • When an API token will soon expire, the interface displays its entry row in yellow. It also displays a notice icon (
).
  • The interface displays expired API token entry rows in red. It also displays a notice icon (
).
RememberWhen API tokens expire, the system does not remove them. You must manually delete expired API tokens.
  • Manage — Click Manage to open a new interface where you can perform the following actions:
  • Rename Token — Assign a new name for the token.
  • Revoke the Token — Delete the token, and prevent it from accessing the server or any API functions.

Manage an API token

To manage an API token, locate the token in the API Tokens table and then click Manage. The Manage API Token interface will appear.

Rename Token

To assign a new name for the token, enter a new name in the New API Token Name text box. Then click Update.

Revoke the Token

Warning
If you revoke an API token, users will not be able to run any scripts or API functions using that token.
To revoke an API token:
    .1Click Revoke. A confirmation message will appear.
    .2Click Yes, Revoke the Token to revoke the token.
Note
To remove an API token on the command line, use the UAPI  Tokens::revoke  function.