XML-API is any of these possible?

[neo4242002]

I have a client own 16 cPanel servers (and growing). The client has a dedicate developer team who build some web applications for his customers. He needs a solution where he doesn’t want to share cPanel main password with developer team. But developer team still need to give access to MySQL functions (like, create, delete and change user privilege) , cPanel phpmyadmin interface , access to “public_html” via FTP (this we can do easily) and change cPanel main password from another interface when he needs.

I was thinking to develop a new application interface using cPanel XML-API for his needs. But these are my questions.

A) Is there way cPanel can have another cPanel user account with less privilege to access Panel resources? In my case “developer” user but only has access to MySQL and FTP.

B) Is there any API to reset cPanel main password?

C) Do I need to use any “Access Key” (like WHM key) with XML- API?

D) What will be my cPanel API URL looks like for www.myclient.tld? (for particular function)

E) Is it possible to access cPanel version of phpmyadmin interface from our application? Or is there way to access cPanel database from our own instance of phpmyadmin?

F) If we able to develop this kind of application, do we have to install it on every cPanel server this client own? or can we access all his cPanel servers remotely from one server?

I really don’t want to disappoint this client; any cPanel stuff support would be really appreciated on this regard. (Even undocumented API, please PM me.)

[cPanelDavidG]

He needs a solution where he doesn’t want to share cPanel main password with developer team. But developer team still need to give access to MySQL functions (like, create, delete and change user privilege) , cPanel phpmyadmin interface , access to “public_html” via FTP (this we can do easily) and change cPanel main password from another interface when he needs.

...

A) Is there way cPanel can have another cPanel user account with less privilege to access Panel resources? In my case “developer” user but only has access to MySQL and FTP.

I assume by "cPanel main password" you actually mean the server's root password. In that case, you can setup additional root-level reseller accounts that the developers can use, so the root password isn't known by the developers. This will also grant the developers full access to cPanel/WHM but not the server itself (by default).

B) Is there any API to reset cPanel main password?

You can change cPanel account passwords, but changing the root password is not something I believe the API can do at this time.

C) Do I need to use any “Access Key” (like WHM key) with XML- API?

The developers can use the access key/hash from their own WHM account in the XML-API.

D) What will be my cPanel API URL looks like for www.myclient.tld? (for particular function)

cPanel API1 and API2 are not XML-based/URL-based APIs. They are a series of modules::functions you can call.

E) Is it possible to access cPanel version of phpmyadmin interface from our application? Or is there way to access cPanel database from our own instance of phpmyadmin?

Many individuals use their own phpMyAdmin instances to administer their cPanel databases. Just be very careful regarding security if you choose this route.

F) If we able to develop this kind of application, do we have to install it on every cPanel server this client own? or can we access all his cPanel servers remotely from one server?

You can create one central script to access all your cPanel/WHM servers. However, note that the access key will likely be different for each server.

I really don’t want to disappoint this client; any cPanel stuff support would be really appreciated on this regard. (Even undocumented API, please PM me.)

There are many undocumented APIs at the moment (not so much with the XML-API as API1 and API2). Since the X3 theme is based off these undocumented APIs, determining how to use the APIs really is simply a matter of looking at the APIs the X3 theme calls to perform its tasks. You can find the files for the X3 theme in /usr/local/cpanel/base/frontend/x3.

[neo4242002]

David, Thank you very much for the answers to all my questions.

I assume by "cPanel main password" you actually mean the server's root password. In that case, you can setup additional root-level reseller accounts that the developers can use, so the root password isn't known by the developers. This will also grant the developers full access to cPanel/WHM but not the server itself (by default).

You can change cPanel account passwords, but changing the root password is not something I believe the API can do at this time.

No I meant to say, cPanel password on each domain. Ex: mydomain.tld/cpanel . So what is the API for change cPanel password and any tutorial links will be appreciated. (cPanel forum now too big to search something

The developers can use the access key/hash from their own WHM account in the XML-API.

Okay Great!, So any sample how to use access key/hash in my php scripts? Also I guess key/ hash only need to WHM API and no need for cPanel API call?

cPanel API1 and API2 are not XML-based/URL-based APIs. They are a series of modules::functions you can call.

Well... its confusing me . So why do you call XML-API in your documentation? Also how do I call local modules or functions remotely through my PHP scripts? ex: mydomain.tld in server A and my new interface host in server B. If it was just a URL I could have just call something like this...

PHP Code:

http://username:password@mydomain.tld:2082/xml-api/funtionname&para1=value&para2=value 


I thought this is how I call cPanle XML-API from my scripts. please correct me or direct me to a proper sample code URL

Many individuals use their own phpMyAdmin instances to administer their cPanel databases. Just be very careful regarding security if you choose this route.

If I have no way to access cPanel phpmyadmin instance outside the cPanel, then I mostly need to use this method. Do you have specific URLs regarding these security issues?

[cPanelDavidG]

No I meant to say, cPanel password on each domain. Ex: mydomain.tld/cpanel . So what is the API for change cPanel password and any tutorial links will be appreciated. (cPanel forum now too big to search something

Actually, there is an XML-API function for that:

http://www.cpanel.net/plugins/xmlapi/passwd.html

Okay Great!, So any sample how to use access key/hash in my php scripts? Also I guess key/ hash only need to WHM API and no need for cPanel API call?

Code sample at: http://forums.cpanel.net/showpost.ph...38&postcount=6

You will need to call cPanel APIs (API1 and API2) via the XML-API if you are not building a Plug-in. The WHM API, also known as cPanel::Accounting, is antiquated (though still supported) and has been essentially replaced by the XML-API.

Well... its confusing me . So why do you call XML-API in your documentation? Also how do I call local modules or functions remotely through my PHP scripts? ex: mydomain.tld in server A and my new interface host in server B. If it was just a URL I could have just call something like this...

PHP Code:

http://username:password@mydomain.tld:2082/xml-api/funtionname&para1=value&para2=value 


I thought this is how I call cPanle XML-API from my scripts. please correct me or direct me to a proper sample code URL

There is a significant difference in syntax between API2 and XML-API. Just look at the documentation yourself:

http://www.cPanel.net/plugins/devel

API2 can be called from the XML-API. This is done so programs that aren't cPanel plugins (embedded in cPanel) can call API2 functions as well.

Note, XML-API calls must be routed through the WHM ports, not the cPanel ports (:2086, :2087). The XML-API requires a minimum of reseller access. Even then, you are limited to the privileges of your account.

If I have no way to access cPanel phpmyadmin instance outside the cPanel, then I mostly need to use this method. Do you have specific URLs regarding these security issues?

The issue is so obvious, I doubt there's any documentation. Letting anyone edit your databases without needing to enter any passwords is a very bad idea. At the very least, one should protect it with .htaccess.