Applicable to:
- Plesk for Linux
Question
How to create a Plesk XML API access token and how to use it for XML API passwordless authentication?
Answer
A secret key can be obtained from Plesk via XML API or from CLI and then it can be used for passwordless authentication instead of the username and password.
To create a secret key for the Plesk administrator account:
-
Connect to the server via SSH
-
Specify the IP address and description that will be linked to this secret key and its description:
# plesk bin secret_key -c -ip-address 203.0.113.2 -description "Admin access token"
778a476a-cf1c-7434-ea47-9f229d70e934Note: you may specify a few Ip addresses devided by comma.
-
Afterward, the Plesk secret key can be used placing it on the HTTP header request with the
KEYparameter:Note: Where
778a476a-cf1c-7434-ea47-9f229d70e934is the admin access token, theapi.rpcis a file containing the XML request and203.0.113.10is the Plesk server IP address# curl -kLi -H "Content-Type: text/xml" -H "KEY: 778a476a-cf1c-7434-ea47-9f229d70e934" -H "HTTP_PRETTY_PRINT: TRUE" -d @api.rpc https://203.0.113.10:8443/enterprise/control/agent.php
In case it's necessary to create a Plesk XML API access token for another Plesk user:
-
Create a secret key for the Plesk administrator account by following the steps described above
-
Create the file
api.rpcwith the following content:Note: Where
203.0.113.2is the IP allowed for the connection and the loginjdoeis the Plesk userCONFIG_TEXT: <packet>
<secret_key>
<create>
<ip_address>203.0.113.2</ip_address>
<login>jdoe</login>
</create>
</secret_key>
</packet> -
Send the API request:
Note: Where
778a476a-cf1c-7434-ea47-9f229d70e934is the admin access token, theapi.rpcis a file containing the XML request created on the previous step and203.0.113.10is the Plesk server IP address# curl -kLi -H "Content-Type: text/xml" -H "KEY: 778a476a-cf1c-7434-ea47-9f229d70e934" -H "HTTP_PRETTY_PRINT: TRUE" -d @api.rpc https://203.0.113.10:8443/enterprise/control/agent.php
The API response will provide the access token belonging to the Plesk user:
CONFIG_TEXT: <?xml version="1.0" encoding="UTF-8"?>
<packet version="1.6.9.1">
<secret_key>
<create>
<result>
<status>ok</status>
<key>e4b01d73-7368-64a6-0515-9fa8fc1d3a78</key>
</result>
</create>
</secret_key>
</packet> -
Afterward, the secret key belonging to the Plesk user can be used for Plesk XML API requests:
Note: Where
e4b01d73-7368-64a6-0515-9fa8fc1d3a78is the Plesk user access token, theapi.rpcis a file containing the XML request and203.0.113.10is the Plesk server IP address# curl -kLi -H "Content-Type: text/xml" -H "KEY: e4b01d73-7368-64a6-0515-9fa8fc1d3a78" -H "HTTP_PRETTY_PRINT: TRUE" -d @api.rpc https://203.0.113.10:8443/enterprise/control/agent.php
To know more about the XML API requests check out the following documentation:
Comments
1 comment
when I run next command to give additional admin API access I get error.
Additonal plesk admin <client-admin> exists and can normally login to plesk administration.
# command
curl -kLi -H "Content-Type: text/xml" -H "KEY: 7t67t87ym8y8yym9ym87y88yhd" -H "HTTP_PRETTY_PRINT: TRUE" -d @api.rpc https://x.x.x.x:8443/enterprise/control/agent.php
# error
HTTP/2 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/xml;charset=UTF-8
expires: Mon, 26 Jul 1990 05:00:00 GMT
last-modified: Fri, 16 Sep 2022 19:27:42 GMT
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
date: Fri, 16 Sep 2022 19:27:43 GMT
<?xml version="1.0" encoding="UTF-8"?>
<packet version="1.6.9.1">
<secret_key>
<create>
<result>
<status>error</status>
<errcode>1013</errcode>
<errtext>Can not find client 'client-admin'</errtext>
</result>
</create>
</secret_key>
</packet>
Please sign in to leave a comment.