Access key permission definitions?


When creating an access key you have the following options for permissions:

  • billing
  • mail-accounts
  • phpmyadmin-sso
  • purge-nginx-cache
  • sync-dns-cluster
  • update-dns-records

Most of these are very nondescriptive and/or technical. I expected to find things like “add users/domains/databases”. I have not seen the concept of billing used anywhere else in the application, for example. Are these described anywhere?

ls /usr/local/hestia/data/api/

For the same list and

cat /usr/local/hestia/data/api/billing for what commands they can execute.

Used by Hestia it self:

  • phpmyadmin-sso is used for the phpmadmin-sso feature
  • sync-dns-cluster DNS Cluster feature in Hestia

For the rest:
billing - For billing systen like WHMCS / Fossbilling
mail-accounts allow users to manage email accounts via api
update-dns-records same but for dns records

And purge-nginx-cache
Clear cache of the website via API


Thank you. Do I understand correctly that I can add files here in order to create new permission sets? Will these be removed upon updating HestiaCP?

Yes you can add you own

No they won’t be removed

1 Like