Files

1.3 KiB

Netcup SCP API — Authentication

Netcup's Server Control Panel (SCP) uses Keycloak for authentication. Credentials live in /root/.hermes/.env as NETCUP_CUSTOMER, NETCUP_PASSWORD.

Token endpoint

POST https://servercontrolpanel.de/realms/scp/protocol/openid-connect/token
Content-Type: application/x-www-form-urlencoded

grant_type=password
client_id=scp
username=<customer-number>
password=<password>

Pitfalls

customer# prefix breaks auth

Wrong: username=customer%23389212{"error":"invalid_grant","error_description":"Invalid user credentials"}

Right: username=389212 — just the customer number, no prefix.

The memory stored the format as customer# + password which wasted ~10 minutes on Jul 10, 2026. The actual Keycloak username is just the numeric customer ID.

Different endpoints

The old SCP endpoint pattern (/scp-core/api/v1/auth/token) is deprecated. Use the Keycloak realm endpoint above.

Server listing

GET https://servercontrolpanel.de/scp-core/api/v1/servers
Authorization: Bearer <access_token>

Response is a JSON array of server objects with id, name, hostname, nickname, template.name.

Fields NOT in the response

The API does NOT return status, mainip, or creationdate. To get IP, query a specific server by ID.