Authentication
Before most Aries API calls can be made, create a key and secret pair in CreeperPanel. A key and secret belong to one server, and its permissions are scoped to that server.
The key and secret pair is associated only with the server it was created on.
Getting A Key And Secret
- Open your Virtual or Dedicated Server in CreeperPanel.
- Navigate to Sub-Accounts in the sidebar.
- Select Generate New under Your API Keys.
Once the key has been created, CreeperPanel shows:
- The API key.
- View Secret, which reveals the secret value.
- Configure Permissions, where access can be granted or revoked.
- Revoke, which deletes the key.
Do not share the secret part of your key. It can allow someone to access the server as your application.
The secret cannot currently be reset. If it is compromised, revoke the key and generate a new pair.
Passing Credentials
The request URL format is:
https://api.creeper.host/{daemon}/{command}
For JSON requests, pass credentials as headers:
Content-Type: application/json
key: {api-key}
secret: {api-secret}
Then send the command data as the JSON body:
{
"path": "/"
}
Aries also supports credentials in the body for clients that cannot send custom headers:
{
"key": "{api-key}",
"secret": "{api-secret}",
"data": {
"path": "/"
}
}
Permissions
Each key and secret pair has a set of permissions similar to a sub-account. A request may fail if the key does not have permission for the target request.
For panel-side permission management, see Setting Sub-account Permissions. For API-side key and permission requests, see the API reference.
Invalid Credentials
If API credentials are invalid, Aries returns an error response:
{
"status": "error",
"message": "Invalid API credentials.",
"details": "Key or secret are too short."
}