News

Meet WisPanel β€” The next-gen control panel built for speed, security && simplicity!

Your powerful WisPanel 1.13.19 is here !

API Documentation

Integrate WisPanel with your applications using our comprehensive REST API.

API Reference

Base URL

https://your-server-ip:2083/api/v1

All API endpoints are relative to this base URL.

Postman Collection

Postman Collection

WisPanel ships two Postman collections (schema v2.1.0). Import the one for the API you target.

Collection Covers Base URL var Auth
WisPanel API v1 the panel API on your server base_url = https://YOUR_SERVER:3082 collection-level Bearer {{token}} (a wsp_ API key)
WisPanel Internal Admin API the portal admin/CMS at wispanel.com base_url = https://wispanel.com header X-Admin-Key: {{api_key}}

Both ship in the SDK bundle alongside the PHP SDK.

WisPanel API v1 β€” structure (verified)

17 folders, 123 requests:

00 - Authentication (13)      09 - File Manager (10)
01 - Session & Audit (4)      10 - Cron Jobs (4)
02 - Users & Resellers (14)   11 - Backup & Restore (5)
03 - Domains (13)             12 - WordPress (4)
04 - DNS (6)                  13 - Security (9)
05 - SSL Certificates (5)     14 - System & Services (12)
06 - Databases (5)            15 - Webhooks (5)
07 - Email (7)                16 - SSO (Cross-System Login) (4)
08 - FTP (3)

Variables: base_url, token, username (default john), domain (default example.com), sso_nonce.

Setup

  1. Postman β†’ File β†’ Import β†’ drop wispanel-api.postman_collection.json.
  2. Collection β†’ Variables tab:
    • base_url β†’ your panel, e.g. https://panel.example.com:3082
    • token β†’ a full API key, e.g. wsp_6837c3a0ccf3feb8137516b425aef16bccf85254d76d2d39
    • username / domain β†’ values the :username / :domain path params use.
  3. Auth is set at the collection root (Bearer {{token}}); every request inherits it. Public ones (login, /sso/consume, /sso/exchange) override to No Auth.

The key's permission scope is enforced (see Authentication). For the full collection to work the key needs all; a narrowly scoped key returns 403 "API key is not scoped for '<resource>' on this request".

Verified working example

GET {{base_url}}/api/v1/auth/me with the variables set returns 200 (live-tested):

{ "username": "admin", "email": "[email protected]",
  "role": "admin", "status": "active", "package": "default" }

WisPanel Internal Admin API β€” structure (verified)

6 folders, 27 requests: Posts (5), Pages (5), Features (5), FAQs (5), Releases β€” Upsert + File Upload (4), Auth / Error samples (3).

Variables: base_url (default https://wispanel.com), api_key, post_id, page_id, feature_id, faq_id, release_id.

Setup

  1. Import wispanel-internal-admin-api.postman_collection.json.
  2. Variables: base_url (prod https://wispanel.com) and api_key (your portal ADMIN_API_KEY β€” set per-environment, never commit).
  3. Auth is the collection-level header X-Admin-Key: {{api_key}}.

Verified live: GET {{base_url}}/api/v1/admin/pages?type=api_doc returns 200 with the docs pages.

Idempotency-Key

Add an Idempotency-Key: {{$guid}} header on POST/PUT/PATCH/DELETE requests to make retries safe (Postman's {{$guid}} generates a fresh UUID). Replay semantics and the 409 IDEMPOTENCY_KEY_CONFLICT β†’ see Webhooks, Idempotency & OpenAPI.

Codegen / OpenAPI

GET /openapi.yaml (no auth) returns the OpenAPI 3.0 spec β€” import it into Postman or any client generator instead of hand-mapping requests.

Issue an API key β†’ Authentication. Error envelopes β†’ Error Handling.

Webhooks, Idempotency & OpenAP... DNS Management

Rate Limiting

API requests are limited to 60 requests per minute per API token.

  • X-RateLimit-Limit: Maximum requests per minute
  • X-RateLimit-Remaining: Remaining requests
  • X-RateLimit-Reset: Unix timestamp when limit resets