Files

43 lines
1.3 KiB
Markdown

# Netcup SCP API — Authentication
Netcup's Server Control Panel (SCP) uses Keycloak for authentication. Credentials live in `/root/.hermes/.env` as `NETCUP_CUSTOMER`, `NETCUP_PASSWORD`.
## Token endpoint
```
POST https://servercontrolpanel.de/realms/scp/protocol/openid-connect/token
Content-Type: application/x-www-form-urlencoded
grant_type=password
client_id=scp
username=<customer-number>
password=<password>
```
## Pitfalls
### `customer#` prefix breaks auth
**Wrong:** `username=customer%23389212``{"error":"invalid_grant","error_description":"Invalid user credentials"}`
**Right:** `username=389212` — just the customer number, no prefix.
The memory stored the format as `customer# + password` which wasted ~10 minutes on Jul 10, 2026. The actual Keycloak username is just the numeric customer ID.
### Different endpoints
The old SCP endpoint pattern (`/scp-core/api/v1/auth/token`) is deprecated. Use the Keycloak realm endpoint above.
## Server listing
```
GET https://servercontrolpanel.de/scp-core/api/v1/servers
Authorization: Bearer <access_token>
```
Response is a JSON array of server objects with `id`, `name`, `hostname`, `nickname`, `template.name`.
## Fields NOT in the response
The API does NOT return `status`, `mainip`, or `creationdate`. To get IP, query a specific server by ID.