I'm writing code to backup all users

A

annm_hkt

New member
Joined
May 12, 2024
Messages
1
I'm writing code to backup all users, but the code doesn't know what its API path is like
Meanwhile, if you want to backup a domain, you need to have the user that contains it, and you must also know that user's password
Does DA have an API that can retrieve a list of users and passwords?
 
Retrieving a list of users and passwords via API sounds like a security issue to me, would wonder if it goes this way. If you are admin and implementing code, you have already access to a list of users, so you can backup all users without knowing their passwords.
 
Last edited:
annm_hkt said:
I'm writing code to backup all users, but the code doesn't know what its API path is like
Click to expand...

Not too sure, what you mean here, but all API end-points are known, listed and documented. Would you clarify your thoughts please.

annm_hkt said:
Meanwhile, if you want to backup a domain, you need to have the user that contains it, and you must also know that user's password
Click to expand...

If your code is using user level backups, then you don't need to know user's passwords. You will need to use admin's password and then use the "login-as" method: https://www.directadmin.com/api.php

annm_hkt said:
Does DA have an API that can retrieve a list of users and passwords?
Click to expand...

There is API for listing users, without passwords though. No user passwords can be retrieved via DirectAdmin API.

- old way API: CMD_API_SHOW_USERS https://www.directadmin.com/api.php#showusers
 
Why are you writing code to do it when you can use what is built in? Are you doing some kind of custom backup?
 
I don't know if it still work or not to calling api without pasword of any control users with reseller/admin account owner.

if you want to make User Level API calls for your clients, but don't know their passwords. The way you do that is setup your API to make the User Level API call normally, but instead of using $username = "clientuser"; (since you don't know their password) you'd instead use: $username = "admin|clientuser"; and specify the admin password. This can be used for any Admin or Reseller who controls the client.


Docs from https://www.directadmin.com/api.html
 
You must log in or register to reply here.
Back
Top