WHM > Development > Manage API Tokens | Anyway to know what is active?

Sonny

Member
Aug 15, 2003
11
0
151
Missouri
I was replacing old DNSOnly servers and ran in to an issue - I added and deleted servers several times.

After I finally had an end result I was happy with; I found a lot of reverse_trust_* entry in WHM > Development > Manage API Tokens

I have several and I would like to revoke the tokens that are not really in use...

Anyone know if there is a script or way to check the tokens for active and inactive status or a way to easily figure out what you can revoke without breaking everything?

Thanks,
Sonny
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
Hey there! No, there's not a way to do that. The server doesn't necessarily "know" if they are being used or not, as they are just available. The connection is dynamic, so there isn't a certain process or ID that would show them as being in use. When the DNS system syncs, it uses the token as necessary.
 

Sonny

Member
Aug 15, 2003
11
0
151
Missouri
Seems like a security issue having a bunch of reverse_trust there..

I wonder why they don't generate the reverse trust with the name of the server issuing the trust

And then away to identify last time it was used for access or something?

I like removing stuff that don't need to be there and knowing why something is there..

I have like 15 entries about the same time frame so don't know what to safely delete..

Seems like something should log somewhere - what it uses to authenticate - where,

Hmm..