Requests
Category
Modules
Change plesk authentication to use key based authentication.
Under Consideration
users changing passwords and usernames in either plesk or blesta will cause problems with provisioning and service operations. Plesk has the ability to use key based authentication for the XML API:
Using key based authentication should eliminate issues created by users changing their user names, passwords etc.
I like this idea
also - these failed authentications can cause things like fail2ban or modSecurity to block access to the blesta instance. (not super great)
It would also be "super-duper" handy to have an "import" button while creating a client so that you can basically pick a plesk client from a list and generate the client's secret key at that time.
The Plesk API can generate a magic URL to drop a client into an authenticated plesk session
https://docs.plesk.com/en-US/12.5/api-rpc/reference/managing-plesk-server/creating-session-tokens.73865/#o73866
Windows and Linux endpoints are slightly different, so there might need to be an extra API call to see which the target server is (if it's not already known) https://docs.plesk.com/en-US/obsidian/api-rpc/about-xml-api/reference/managing-plesk-server/getting-server-information/response-packet-structure-and-samples/server-statistics/plesk-and-os-version.35552/
Comments have been locked on this page!