Skip to main content

Comments

20 comments

  • cPanelLauren
    HI @Marani The tokens are only available to be used with WHMAPI Functions, DNS Clustering, and configuration Clusters at this time per our documentation here: Manage API Tokens - Version 74 Documentation - cPanel Documentation Furthermore, it's only valid for the root user or a reseller user as indicated here: Guide to API Authentication - API Tokens - Developer Documentation - cPanel Documentation To do what you're requesting it sounds like you'll need to use one of the other authentication methods available. Thanks!
    0
  • Marani
    Hi Lauren, I believe you are talking about API token here, right? Guide to API Authentication - Developer Documentation - cPanel Documentation If yes, then, API token method is not for cPanel, so how do I generate cpsess (security token) with API? I need this to get authenticated to cPanel. If I log in using web browser I see cpsess generated in the address bar. I just don't want to use any browser-based action in my software that I'm coding. Are you familiar with POSTMAN? I do tests using postman. Thanks
    0
  • cPanelLauren
    Hi @Marani As I indicated in my last response, no API token Authentication is not for cPanel it will only work for WHM i.e. the root user or a reseller. The only suitable method I can think of that wouldn't be browser based would be Guide to API Authentication - Secure Remote Logins - Developer Documentation - cPanel Documentation There is a list of suitable authentication methods at the bottom of the page here: Guide to API Authentication - Developer Documentation - cPanel Documentation [QUOTE]Authentication methods You can use the following methods to authenticate with cPanel & WHM in your custom code:
    0
  • Marani
    Secure Remote Login seems to need a PHP coding, which I don't know. I want to C#. The second link is the same authentication methods I posted in the first post. I wanted to create a file uploader in C# everything is done and works correctly except the first step which is to get cpsess (given after logging in via the browser).
    0
  • cPanelLauren
    HI @Marani
    Secure Remote Login seems to need a PHP coding, which I don't know. I want to C#.

    If you read through and looked at the example, you'd see it was actually using a perl script as an example. As long as the Cpanel::LogMeIn module was able to be called this would work.
    The second link is the same authentication methods I posted in the first post.

    Yes, I am aware of that, I was just making a reference to the available authentication methods, as you can see from the quoted text. These are what is available
    I wanted to create a file uploader in C# everything is done and works correctly except the first step which is to get cpsess (given after logging in via the browser).

    If you don't know how to use any of the authentication methods available with your project you may want to look at enlisting the assistance of a developer that may be able to help you integrate one of them into your project. You might find some help here: System Administration Services | cPanel Forums though this is geared more toward system administrators. `
    0
  • Marani
    Hi @cPanelLauren I have no idea how I forgot that I have written the authentication some time ago. I found it last night between source code files, tested it and it works perfectly. it was simple and needed none of the sample codes in the documentation. Now I can the most of cPanel API 2 and UAPI functions. Thanks
    0
  • cPanelLauren
    Hi @Marani Well, that's a really nice find!! I'm glad the issue is sorted and you can use the API and UAPI as you initially intended now :)
    0
  • rccaj
    Hi @cPanelLauren I have no idea how I forgot that I have written the authentication some time ago. I found it last night between source code files, tested it and it works perfectly. it was simple and needed none of the sample codes in the documentation. Now I can the most of cPanel API 2 and UAPI functions. Thanks

    Hi Even I am looking for this solution for generating api token through cpanel can you please help me with the code to see how does it works. Thanks in Advance Hi @Marani Even i am looking for same solution if you could help
    0
  • Marani
    Hi @rccaj, I get the session key this way and use all the way for other API calls: You need to use a POST method to send a request to "cPanelUrl:2083/login/?login_only=1" and for the parameters you need to pass credentials like "user=cpanelUsername&pass=#cpanelPassword". The response would be like: {"status":1,"notices":[],"redirect":"/cpsess9394767568/frontend/paper_lantern/index.html?login=1&post_login=15475794144014","security_token":"/cpsess9394767568"}
    After getting this you can get the token (session key) using a JSON parser, regex or whatever you use. TIP: Use getpostman.com or servistate.com to make sure it works. Hope that helps.
    0
  • rccaj
    Hello @Marani Thanks for the help the thing is this method is working for some hosting accounts and for some domains hosting account its not working could you know if any possible reason for it that it works on few and for few it doesnt work.
    0
  • Marani
    PM me those cPanels that this method doesn't work on them and I will check. I need login info and you can change after the check. Because I tested on 3 different cPanels from 3 hosting companies and it worked on all.
    0
  • Infopro
    PM me those cPanels that this method doesn't work on them and I will check. I need login info

    Please do not ask for this sort of information on these forums. No user should ever be sharing login details with any other user.
    0
  • Marani
    Sorry, didn't know that. @rccaj that method works for me by the way.
    0
  • dgeniusudesign
    Hi Marani, Thank you so much for this thread. I had been searching for this for nearly 2 weeks and I am really glad I found this. I tried the method and it works until I get a security token. The security token that I get from Postman & from my code are different. The one I get from my code does not work and when I use it, I get Status 401 - Access Denied. Any ideas what is happening here? Regards, Monish
    0
  • Strangemother
    Hi @rccaj, I get the session key this way and use all the way for other API calls: You need to use a POST method to send a request to "cPanelUrl:2083/login/?login_only=1" and for the parameters you need to pass credentials like "user=cpanelUsername&pass=#cpanelPassword". The response would be like: {"status":1,"notices":[],"redirect":"/cpsess9394767568/frontend/paper_lantern/index.html?login=1&post_login=15475794144014","security_token":"/cpsess9394767568"}
    After getting this you can get the token (session key) using a JSON parser, regex or whatever you use. TIP: Use getpostman.com or servistate.com to make sure it works. Hope that helps.

    I just want to say thank you - this worked great. It's taken me weeks to solve this problem. Is there a possibility to apply forum search tag to this as "How to authenticate a user's cPanel" of something? And some other bits helped:
    0
  • cPanelLauren
    I added some tags relevant to the discussion, thanks for your input @Strangemother
    0
  • Strangemother
    Thank you @cPanelLauren. To add my note, I've been struggling with this for a while. Now I've solved it I see how trivial it was. I hope others find this faster than I did. I've quantified two working solutions. The latter is much nicer. How do I login users to cPanel Requirements:
    • cpanel api, WHM management api
    As a provider, I would like to log-in my users into their cPanel for their benefit; server to client browser. It allows me to apply stronger credentials and support login issues with tickets. user/pass login The [history] thread is correct - using "/login/?login-only=1" persists a users session. I feel it's designed for explicit robot UI work - such as auto clicking and parsing. This has a number of (valid) limits:
    • Login credentials require the users password
    • sessions are maintained by the owning utility (the server script, or a local client (postman))
    • the session is held with cookies.
    And it works fine if you're viewing within the session - such as postman or some interesting embedded wrapper. But due to newer internet securities this isn't shareable with the browser. Therefore if the session is generated within the server-side environment, you can't pass this to the user. This is due to the browser securing your session to the domain and app. To test this, authenticate (and perform) Postman - then open a new tab and paste the API given "session url"; it'll work. But applying the same address to another browser will require authentication. client behalf login The endpoint authenticates for a small session window and returns a rich definition for the user session. {'data': {'cp_security_token': '/cpsess1470532104', 'expires': 2559961754, 'service': 'cpaneld', 'session': 'myuser:random:create_user_session, random', 'url': '
    0
  • scutting
    @Strangemother, I am attempting to do a similar thing that you described here, but I am having difficulty getting the "hand-off" to work as you describe. When I pass the returned URL, I am presented with the cPanel login screen instead of having the session already started. Would you be willing to share the code that shows how you are making this work? I am using PHP, but am able to understand Python, if that is what you have. Thanks in advance.
    0
  • cPanelTJ
    @scutting in the event that @Strangemother isn't able to get back to you, would you mind sharing what you have so far and we can try to help?
    0
  • mer30boy
    Hi @rccaj, I get the session key this way and use all the way for other API calls: You need to use a POST method to send a request to "cPanelUrl:2083/login/?login_only=1" and for the parameters you need to pass credentials like "user=cpanelUsername&pass=#cpanelPassword". The response would be like: {"status":1,"notices":[],"redirect":"/cpsess9394767568/frontend/paper_lantern/index.html?login=1&post_login=15475794144014","security_token":"/cpsess9394767568"}
    After getting this you can get the token (session key) using a JSON parser, regex or whatever you use. TIP: Use getpostman.com or servistate.com to make sure it works. Hope that helps.

    hi Marani can you write a example code ?
    0

Please sign in to leave a comment.