API Documentation

Login

العربية Беларуская Български Čeština Dansk Deutsch Ελληνικά English Español Suomi Français עברית Magyar Bahasa Indonesia Italiano 日本語 한국어 Lietuvių Nederlands Norsk ☠ Pirate Polski Português (BR) Português (PT) Română Русский Slovenčina Српски Svenska Türkçe Українська 简体中文繁體中文

Authentication

Authentication

Token-Based Authentication

The API uses token-based authentication via the X-Admin-Token HTTP header. Every request must include a valid API token.

Request Header

X-Admin-Token: your-api-token-here

Example (cURL)

curl -H "X-Admin-Token: your-api-token-here" \
     -H "Accept: application/json" \
     http://your-server:5550/api/status

Responses

Status	Meaning
`200`	Authenticated successfully
`401`	Missing or invalid token
`403`	Token valid, but insufficient permissions

Note: The token is configured in the server's config.yml. Keep it secret and never expose it in client-side code.

Recommendations

Restrict the API port (5550) via firewall to trusted IPs
Use a reverse proxy (nginx/Apache) for public access
Use HTTPS if the API is accessible via the internet
Rotate the API token regularly

Architecture & Overview Configuration