Secure Interfaces for Your Applications
With API Tokens, you can allow external programs or third-party providers to execute specific functions within your cPanel account (e.g., querying disk space or starting backups). The major advantage: you don't have to share your main cPanel password and can revoke access for each token individually at any time.
Use Case Example: If you use an external dashboard to monitor your hosting resources, you create an API token for it. If you stop using the service, simply delete the token without needing to change your password.
Creating a New API Token
- Navigate to Security » API Tokens in cPanel.
- Click the Create button.
- Enter a unique Name for the token (e.g., "Monitoring Script").
- Choose whether the token should have an Expiration Date. This increases security for temporary access.
- Click Create.
Important Security Note:
Once generated, the token will be displayed to you only once. Copy it immediately to a secure location (e.g., a password manager). Once you leave the page, the token can never be displayed again for security reasons!
Once generated, the token will be displayed to you only once. Copy it immediately to a secure location (e.g., a password manager). Once you leave the page, the token can never be displayed again for security reasons!
Managing and Revoking Tokens
Keep track of all active access points in the token table:
➤ Status Colors
Yellow rows warn you of tokens expiring soon. Red rows indicate already expired tokens that no longer have authorization.
Yellow rows warn you of tokens expiring soon. Red rows indicate already expired tokens that no longer have authorization.
➤ Renaming
Use the "Manage" function to change a token's name at any time to keep things organized.
Use the "Manage" function to change a token's name at any time to keep things organized.
➤ Revoke (Delete)
When you revoke a token, access for the external application is blocked immediately and permanently.
When you revoke a token, access for the external application is blocked immediately and permanently.
Technical Details for Developers
- Supported APIs: Tokens work with UAPI functions and cPanel API 2.
- Expiration: A token expires at 23:59:59 server time on the chosen date.
- Command Line: Tokens are ideal for executing functions via the CLI (Command Line Interface).
Lost a token?
No problem: simply revoke the old token and create a new one in seconds.
