Our features site is undergoing a refresh! Be sure to explore the revamped site and discover our latest product roadmap launching here on Monday, March 18th.
New Topic
cPanel & WHM Feature RequestsTopicDeveloper Experience
Properties
Category Developer Experience
Tags api, security

Allow root user api token to list all accounts

Monarobase shared this idea 6 years ago
Open Discussion

As a web-hosting provider, I would like to be able to create an API token for the root user that can list all accounts on a cPanel/WHM server.

Currently if you create an API token for the root user, with the "Account Information" privileges you can only list accounts owned directly by root.

We believe API tokens for the root user should be able to list the same accounts as the root user.


-------------------------------------------------------------------

When creating an api token for the root user with the "Account Information" privileges we expected to be able to list all accounts on the server using WHM API 1.

It is not currently possible to list all accounts on the server unless you give the api token full root access which removes the whole advantage of having api tokens.

Please allow the creation of an api token that can list all accounts on a server using WHM API 1.

Support says this is by design. We consider it to be a bug as there is currently no secure way to do this.

1 I like this idea 0  
Leave a Comment
 
Attach a file

cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.