Skip to main content
cPanel Technical Support has been heavily impacted by hurricane Beryl and our ability to respond to tickets has been hindered as a result. We appreciate your understanding and patience as we address these delays.

Create email through API

Comments

8 comments

  • Andy Baugh cPanel Staff

    Howdy,

    Typically when token authentication is used with the API, the cpsess_ bit in the URL *should not* be in use. The URL example you gave contained the cpsess_ bit, so I suspect that is the issue?

    If that is not the problem, I'd probably start by checking that I got the token header looking right and that I used the correct token for the user.

    Hope this helps!

    1
  • Andy Baugh cPanel Staff

    cPanel token permissions should match whatever permissions the account has, so if anything you'd want to check the feature list associated with the user's hosting package. That said, you did just say that you could run the call successfully using normal BASIC auth with the username and password for the account (if I'm reading your reply correctly), so I doubt it is something wrong with the token's permissions.

    It is good to know that it is a 403 Forbidden and not a 401 Unauthorized error. This tells me the token at least is valid for some user on the host, even if the API thinks the action you are asking of it is forbidden given current privileges.

    The following may seem like silly questions or things to check, but they may be helpful to answer:

    * Are you sure the token you are using actually is for the user you are trying to perform the action as? It may be worth running other API calls with this token (list_pops) for example and seeing if you get the expected results for the user this token should be for.

    * Are you sure there's nothing strange going on with the account's primary domain (administrator on the host doesn't allow parking on top of other domains accross accounts, etc.)? Just grasping at straws here, but perhaps the system doesn't think that the default domain associated with the account belongs to them. It may be worth specifying the domain as well in the call?

    * It could be possible that the "API Tokens" feature isn't enabled for the account. I know it sounds somewhat strange, as I doubt you would have been able to get a cPanel API token in the first place if that were disabled for the account. Still worth checking if all other avenues to troubleshoot this have been exhausted, and *especially* if you wind up getting 403 forbidden on *any* API call and not just add_pop.

    Best of luck in figuring this out, hopefully it's just something simple that is missing to make this succeed.

    1
  • cPRex Jurassic Moderator

    The token permissions are set in WHM at the time the token is created, yes.

    1
  • Andy Baugh cPanel Staff

    In WHM, token permissions are granular, you can specify them. In cPanel, this is not true. In cPanel, the token should grant full access to everything the cPanel user already has access to.

    In this case though, I doubt a WHM token is even relevant, as the context is using a cPanel API token to make an API call specifically unless I'm terribly mistaken.

    If a WHM API token was in use, then you'd want to use the WHM API's "cpanel" function to execute this API call instead.

    1
  • Andy Baugh cPanel Staff

    That's definitely some important information! I think I can take that to our documentation team and at least clarify our own documentation regarding team users and cPanel API tokens.

    Glad to hear you got it sorted in any event.

    1
  • Eduardo Santos

    Hello Andy Baugh, thank you for your help!

    Indeed i missed the detail of cpsess not being included when using the API Token.
    I fixed it and using postman with username+password i can acess and create an email account, but using the API token(cpanel XXXUSER:123ABCDEFG) i still get a 403 Forbidden Acess denied. Can it be related to token permissions? or am i missing something else?

    0
  • Eduardo Santos

    Hello! Im still trying to troubleshoot with those options but i have a question, Token permissions are given in the cpanel or in WHM? If i set them in WHM the token will always have the same permissions?

    0
  • Eduardo Santos

    So i figured the problem about the token. If i created a token with my user on our company cPanel i had the 403 forbidden when trying to create an email, but if our team manager(owner) created the token in our cpanel i no longer have the 403 and everything works. Really missed this detail.

    Thank you for all your help, amazing! Andy Baugh

    0

Please sign in to leave a comment.