Cannot use WHM authentication for remote access to API 2

[netshine]

When a customer updates their email address in my billing system, I want to make a remote call to WHM/cPanel and update their contact email address. As far as I can see, the only way to do that is to make a call to the api2 function CustInfo::savecontactinfo.

However, I don't know the user's password, so I have to connect as a reseller or as root. If I try to make a call to an api2 function remotely, it will only work if I use basic authentication. For that I have to store my root password in my script's database, which I don't want to do. I can use WHM authorization ok to access WHM function calls such as xml-api/createacct (using user root and the remote access key), but not to access xml-api/cpanel functions (using the account username and the owner's remote access key).

Is there any way I can call an api2 function remotely using the client's account username and my reseller or root remote access key instead of a password?

 

[cPanelDavidG]

Can you clarify, have you also attempted logging in using the account owner's username and the account owner's remote access key then passing the cPanel user's username through the XML-API when calling this function via the XML-API? This scenarion I mention should work, but I didn't see it explicitly mentioned in your post hence my question/recommendation about this.

 

[netshine]

Thank you for your reply. I tried to find some way of doing that, but I could not see any way of passing the username to the API - the username does not seem to be a parameter for any of the API function calls, and I could not see anything in the documentation about that. How exactly do I pass the account username in?

 

[cPanelDavidG]

Thank you for your reply. I tried to find some way of doing that, but I could not see any way of passing the username to the API - the username does not seem to be a parameter for any of the API function calls, and I could not see anything in the documentation about that. How exactly do I pass the account username in?

I recommend reading this document about how to call API 1/API2 functions via the XML-API as the cPanel username (cpanel_xmlapi_user) is a required parameter when calling these functions via the XML-API.

cPanel XML and JSON APIs

 

[netshine]

Yes! That works, thank you. For some reason I could not find that part about the username parameter - I think maybe it should be mentioned in the section on authenticating API calls, as that was where one might naturally expect to find this info. Thanks very much for pointing me in the right direction.