43 lines
1.3 KiB
Markdown
43 lines
1.3 KiB
Markdown
# Netcup SCP API — Authentication
|
|
|
|
Netcup's Server Control Panel (SCP) uses Keycloak for authentication. Credentials live in `/root/.hermes/.env` as `NETCUP_CUSTOMER`, `NETCUP_PASSWORD`.
|
|
|
|
## Token endpoint
|
|
|
|
```
|
|
POST https://servercontrolpanel.de/realms/scp/protocol/openid-connect/token
|
|
Content-Type: application/x-www-form-urlencoded
|
|
|
|
grant_type=password
|
|
client_id=scp
|
|
username=<customer-number>
|
|
password=<password>
|
|
```
|
|
|
|
## Pitfalls
|
|
|
|
### `customer#` prefix breaks auth
|
|
|
|
**Wrong:** `username=customer%23389212` → `{"error":"invalid_grant","error_description":"Invalid user credentials"}`
|
|
|
|
**Right:** `username=389212` — just the customer number, no prefix.
|
|
|
|
The memory stored the format as `customer# + password` which wasted ~10 minutes on Jul 10, 2026. The actual Keycloak username is just the numeric customer ID.
|
|
|
|
### Different endpoints
|
|
|
|
The old SCP endpoint pattern (`/scp-core/api/v1/auth/token`) is deprecated. Use the Keycloak realm endpoint above.
|
|
|
|
## Server listing
|
|
|
|
```
|
|
GET https://servercontrolpanel.de/scp-core/api/v1/servers
|
|
Authorization: Bearer <access_token>
|
|
```
|
|
|
|
Response is a JSON array of server objects with `id`, `name`, `hostname`, `nickname`, `template.name`.
|
|
|
|
## Fields NOT in the response
|
|
|
|
The API does NOT return `status`, `mainip`, or `creationdate`. To get IP, query a specific server by ID.
|