Applicable to:
- Plesk for Linux
Question
How to create a Plesk XML API access token and how to use it for XML API passwordless authentication?
Answer
A secret key can be obtained from Plesk via XML API or from CLI and then it can be used for passwordless authentication for the Plesk Administrator, any Plesk Customer account, or any Plesk Reseller account instead of the username and password.
Note: At the moment, the use of the XML API protocol is allowed to Administrator, Resellers and Customers of Plesk.
These users are provided with programmatic means of managing various Plesk objects they own.
Administrator is allowed to perform all operations of whatever version of all available protocol versions.
Resellers have access to a limited number of operations within each particular version of XML API.
When using a Reseller account, a strict requirement is that the option Ability to use XML API is selected in the reseller account properties, on the Permissions tab.
Customers have access to a limited number of operations within each particular version of XML API. Access to XML API is granted to all customers by default and it cannot be turned off.
To create a secret key for the Plesk Administrator account you may follow these steps:
-
Connect to the server via SSH
-
Specify the IP address and description that will be linked to this secret key and its description:
# plesk bin secret_key -c -ip-address 203.0.113.2 -description "Admin access token"
778a476a-cf1c-7434-ea47-9f229d70e934Note: You may specify a few IP addresses, divided by comma.
-
Afterwards, the Plesk secret key can be used placing it on the HTTP header request with the
KEYparameter:Warning: Do not enter
<secret_key>and</secret_key>in api.rpc files from this point forwardNote: Where
778a476a-cf1c-7434-ea47-9f229d70e934is the admin access token, theapi.rpcis a file containing the XML request and203.0.113.10is the Plesk server IP address# curl -kLi -H "Content-Type: text/xml" -H "KEY: 778a476a-cf1c-7434-ea47-9f229d70e934" -H "HTTP_PRETTY_PRINT: TRUE" -d @api.rpc https://203.0.113.10:8443/enterprise/control/agent.php
In case it's necessary to create a Plesk XML API access token for another Plesk any Reseller account, or any Customer account:
-
Create a secret key for the Plesk administrator account by following the steps described above
-
Create the file
api.rpcwith the following content:Note: Where
203.0.113.2is the IP allowed for the connection and the loginjdoeis the Plesk user<packet version="1.6.3.0">
<secret_key>
<create>
<ip_address>203.0.113.2</ip_address>
<login>jdoe</login>
</create>
</secret_key> -
Send the API request:
Note: Where
778a476a-cf1c-7434-ea47-9f229d70e934is the admin access token, theapi.rpcis a file containing the XML request created on the previous step and203.0.113.10is the Plesk server IP address# curl -kLi -H "Content-Type: text/xml" -H "KEY: 778a476a-cf1c-7434-ea47-9f229d70e934" -H "HTTP_PRETTY_PRINT: TRUE" -d @api.rpc https://203.0.113.10:8443/enterprise/control/agent.php
The API response will provide the access token belonging to the Plesk user:
<?xml version="1.0" encoding="UTF-8"?>
<packet version="1.6.9.1">
<secret_key>
<create>
<result>
<status>ok</status>
<key>e4b01d73-7368-64a6-0515-9fa8fc1d3a78</key>
</result>
</create>
</secret_key>
</packet> -
Afterwards, the secret key belonging to the Plesk user can be used for Plesk XML API requests:
Warning: Do not enter
<secret_key>and</secret_key>in api.rpc files from this point forwardNote: Where
e4b01d73-7368-64a6-0515-9fa8fc1d3a78is the Plesk user access token, theapi.rpcis a file containing the XML request and203.0.113.10is the Plesk server IP address# curl -kLi -H "Content-Type: text/xml" -H "KEY: e4b01d73-7368-64a6-0515-9fa8fc1d3a78" -H "HTTP_PRETTY_PRINT: TRUE" -d @api.rpc https://203.0.113.10:8443/enterprise/control/agent.php
To know more about the XML API requests check out the following documentation:
Comments
Please sign in to leave a comment.