Marani

Member
Nov 23, 2015
23
2
3
Iran
cPanel Access Level
Website Owner

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
7,972
638
263
Houston
cPanel Access Level
DataCenter Provider
HI @Marani

The tokens are only available to be used with WHMAPI Functions, DNS Clustering, and configuration Clusters at this time per our documentation here:
Manage API Tokens - Version 74 Documentation - cPanel Documentation

Furthermore, it's only valid for the root user or a reseller user as indicated here:
Guide to API Authentication - API Tokens - Developer Documentation - cPanel Documentation

To do what you're requesting it sounds like you'll need to use one of the other authentication methods available.

Thanks!
 

Marani

Member
Nov 23, 2015
23
2
3
Iran
cPanel Access Level
Website Owner
Hi Lauren,

I believe you are talking about API token here, right?
Guide to API Authentication - Developer Documentation - cPanel Documentation

If yes, then, API token method is not for cPanel, so how do I generate cpsess (security token) with API? I need this to get authenticated to cPanel.

If I log in using web browser I see cpsess generated in the address bar. I just don't want to use any browser-based action in my software that I'm coding.

Are you familiar with POSTMAN? I do tests using postman.

Thanks
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
7,972
638
263
Houston
cPanel Access Level
DataCenter Provider
Hi @Marani

As I indicated in my last response, no API token Authentication is not for cPanel it will only work for WHM i.e. the root user or a reseller.

The only suitable method I can think of that wouldn't be browser based would be Guide to API Authentication - Secure Remote Logins - Developer Documentation - cPanel Documentation

There is a list of suitable authentication methods at the bottom of the page here: Guide to API Authentication - Developer Documentation - cPanel Documentation

Authentication methods
You can use the following methods to authenticate with cPanel & WHM in your custom code:

 

Marani

Member
Nov 23, 2015
23
2
3
Iran
cPanel Access Level
Website Owner
Secure Remote Login seems to need a PHP coding, which I don't know. I want to C#.
The second link is the same authentication methods I posted in the first post.

I wanted to create a file uploader in C# everything is done and works correctly except the first step which is to get cpsess (given after logging in via the browser).
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
7,972
638
263
Houston
cPanel Access Level
DataCenter Provider
HI @Marani

Secure Remote Login seems to need a PHP coding, which I don't know. I want to C#.
If you read through and looked at the example, you'd see it was actually using a perl script as an example. As long as the Cpanel::LogMeIn module was able to be called this would work.

The second link is the same authentication methods I posted in the first post.
Yes, I am aware of that, I was just making a reference to the available authentication methods, as you can see from the quoted text. These are what is available

I wanted to create a file uploader in C# everything is done and works correctly except the first step which is to get cpsess (given after logging in via the browser).
If you don't know how to use any of the authentication methods available with your project you may want to look at enlisting the assistance of a developer that may be able to help you integrate one of them into your project. You might find some help here: System Administration Services | cPanel Forums though this is geared more toward system administrators. `
 

Marani

Member
Nov 23, 2015
23
2
3
Iran
cPanel Access Level
Website Owner
Hi @cPanelLauren

I have no idea how I forgot that I have written the authentication some time ago. I found it last night between source code files, tested it and it works perfectly. it was simple and needed none of the sample codes in the documentation.

Now I can the most of cPanel API 2 and UAPI functions.

Thanks
 
  • Like
Reactions: cPanelLauren

rccaj

Member
Jun 16, 2017
7
0
1
India
cPanel Access Level
Root Administrator
Hi @cPanelLauren

I have no idea how I forgot that I have written the authentication some time ago. I found it last night between source code files, tested it and it works perfectly. it was simple and needed none of the sample codes in the documentation.

Now I can the most of cPanel API 2 and UAPI functions.

Thanks

Hi Even I am looking for this solution for generating api token through cpanel can you please help me with the code to see how does it works.

Thanks in Advance

Hi @Marani

Even i am looking for same solution if you could help
 
Last edited by a moderator:

Marani

Member
Nov 23, 2015
23
2
3
Iran
cPanel Access Level
Website Owner
Hi @rccaj,

I get the session key this way and use all the way for other API calls:

You need to use a POST method to send a request to "cPanelUrl:2083/login/?login_only=1" and for the parameters you need to pass credentials like "user=cpanelUsername&pass=#cpanelPassword".

The response would be like:

Code:
{"status":1,"notices":[],"redirect":"/cpsess9394767568/frontend/paper_lantern/index.html?login=1&post_login=15475794144014","security_token":"/cpsess9394767568"}
After getting this you can get the token (session key) using a JSON parser, regex or whatever you use.

TIP: Use getpostman.com or servistate.com to make sure it works.

Hope that helps.
 
Last edited by a moderator:
  • Like
Reactions: Strangemother

rccaj

Member
Jun 16, 2017
7
0
1
India
cPanel Access Level
Root Administrator
Hello @Marani

Thanks for the help the thing is this method is working for some hosting accounts and for some domains hosting account its not working could you know if any possible reason for it that it works on few and for few it doesnt work.
 

Marani

Member
Nov 23, 2015
23
2
3
Iran
cPanel Access Level
Website Owner
PM me those cPanels that this method doesn't work on them and I will check. I need login info and you can change after the check.
Because I tested on 3 different cPanels from 3 hosting companies and it worked on all.
 

dgeniusudesign

Registered
Apr 1, 2019
3
1
1
Dearborn, USA
cPanel Access Level
Website Owner
Hi Marani,

Thank you so much for this thread. I had been searching for this for nearly 2 weeks and I am really glad I found this.

I tried the method and it works until I get a security token. The security token that I get from Postman & from my code are different. The one I get from my code does not work and when I use it, I get Status 401 - Access Denied. Any ideas what is happening here?

Regards,
Monish
 

Strangemother

Registered
Jun 5, 2019
2
1
3
UK
cPanel Access Level
Reseller Owner
Hi @rccaj,

I get the session key this way and use all the way for other API calls:

You need to use a POST method to send a request to "cPanelUrl:2083/login/?login_only=1" and for the parameters you need to pass credentials like "user=cpanelUsername&pass=#cpanelPassword".

The response would be like:

Code:
{"status":1,"notices":[],"redirect":"/cpsess9394767568/frontend/paper_lantern/index.html?login=1&post_login=15475794144014","security_token":"/cpsess9394767568"}
After getting this you can get the token (session key) using a JSON parser, regex or whatever you use.

TIP: Use getpostman.com or servistate.com to make sure it works.

Hope that helps.
I just want to say thank you - this worked great. It's taken me weeks to solve this problem. Is there a possibility to apply forum search tag to this as "How to authenticate a user's cPanel" of something?

And some other bits helped:
 

Strangemother

Registered
Jun 5, 2019
2
1
3
UK
cPanel Access Level
Reseller Owner
Thank you @cPanelLauren.

To add my note, I've been struggling with this for a while. Now I've solved it I see how trivial it was. I hope others find this faster than I did. I've quantified two working solutions. The latter is much nicer.

How do I login users to cPanel

Requirements:
  • cpanel api, WHM management api
As a provider, I would like to log-in my users into their cPanel for their benefit; server to client browser. It allows me to apply stronger credentials and support login issues with tickets.

user/pass login

The [history] thread is correct - using "/login/?login-only=1" persists a users session. I feel it's designed for explicit robot UI work - such as auto clicking and parsing. This has a number of (valid) limits:
  1. Login credentials require the users password
  2. sessions are maintained by the owning utility (the server script, or a local client (postman))
  3. the session is held with cookies.
And it works fine if you're viewing within the session - such as postman or some interesting embedded wrapper.
But due to newer internet securities this isn't shareable with the browser. Therefore if the session is generated within the server-side environment, you can't pass this to the user.

This is due to the browser securing your session to the domain and app. To test this, authenticate (and perform) Postman - then open a new tab and paste the API given "session url"; it'll work. But applying the same address to another browser will require authentication.

client behalf login

WHM API 1 Functions - create_user_session - Developer Documentation - cPanel Documentation

As an alternative I utilise the 'create_user_session' api url:

https://cloud-api:208X/json-api/create_user_session?api.version=1&user=myuser&service=cpaneld&app=Backups_Home

The endpoint authenticates for a small session window and returns a rich definition for the user session.

Code:
{'data': {'cp_security_token': '/cpsess1470532104',
              'expires': 2559961754,
              'service': 'cpaneld',
              'session': 'myuser:random:create_user_session, random',
              'url': '[URL='https://example.com/?&session=myuser%random:acreate_user_session%random'},
     ... }

hand-off the user to the given url (I choose a redirect) and done! It works great:

  • no user password required
  • can happen automatically on any system
  • defaults 15 minutes user inactivity closure
  • user may use any browser
---

I hope it helps. Thanks for such a rich API - I'm using python and it's awesome.

 
Last edited by a moderator:
  • Like
Reactions: cPanelLauren