Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/gnmyt/Nexterm/llms.txt

Use this file to discover all available pages before exploring further.

Identities store the credentials Nexterm uses to authenticate to your servers — SSH keys, passwords, or both. They can be personal (only you can use them) or shared across an organization. Identities are referenced by ID when creating or updating entries. All endpoints require authentication via Authorization: Bearer YOUR_TOKEN. Identity operations are audit-logged when an organizationId is involved.

GET /api/identity/list

Returns all identities accessible to the authenticated user: personal identities owned by the user plus any identities belonging to organizations the user is a member of.

Response

Returns an array of identity objects.
[].id
number
Unique identity identifier.
[].name
string
Display name of the identity.
[].username
string
The login username this identity authenticates as.
[].type
string
Credential type. One of password, ssh, both, or password-only.
[].organizationId
number
ID of the owning organization, or null for personal identities.
Sensitive fields such as passwords, SSH private keys, and passphrases are never returned by the list endpoint.
curl --request GET \
  --url http://your-server:6989/api/identity/list \
  --header 'Authorization: Bearer YOUR_TOKEN'

PUT /api/identity

Creates a new identity.

Request body

name
string
required
Display name for the identity. Between 3 and 255 characters.
type
string
required
Credential type. One of password, ssh, both, or password-only.
username
string
The login username. Maximum 255 characters.
password
string
Password for password, both, or password-only type identities.
sshKey
string
PEM-encoded private SSH key for ssh or both type identities.
passphrase
string
Passphrase protecting the SSH private key, if applicable.
organizationId
number
ID of the organization to create this identity under. Omit for a personal identity.

Response

id
number
ID of the newly created identity.
message
string
Confirmation message.
curl --request PUT \
  --url http://your-server:6989/api/identity \
  --header 'Authorization: Bearer YOUR_TOKEN' \
  --header 'Content-Type: application/json' \
  --data '{
    "name": "Deploy Key",
    "type": "ssh",
    "username": "deploy",
    "sshKey": "-----BEGIN OPENSSH PRIVATE KEY-----\n..."
  }'

PATCH /api/identity/:identityId

Updates an existing identity. At least one field must be provided.

Path parameters

identityId
string
required
Unique identifier of the identity to update.

Request body

At least one of the following fields is required.
name
string
New display name. Between 3 and 255 characters.
username
string
Updated login username.
type
string
Updated credential type. One of password, ssh, both, or password-only.
password
string
New password value.
sshKey
string
New PEM-encoded private SSH key.
passphrase
string
New passphrase for the SSH key.
organizationId
number
Move the identity to a different organization.

Response

message
string
Confirmation message.
curl --request PATCH \
  --url http://your-server:6989/api/identity/3 \
  --header 'Authorization: Bearer YOUR_TOKEN' \
  --header 'Content-Type: application/json' \
  --data '{"name": "Updated Deploy Key"}'

DELETE /api/identity/:identityId

Permanently deletes an identity. Personal identities can only be deleted by their owner. Organization identities can be deleted by any member of that organization.
Deleting an identity will remove it from all entries that reference it.

Path parameters

identityId
string
required
Unique identifier of the identity to delete.

Response

message
string
Confirmation message.
curl --request DELETE \
  --url http://your-server:6989/api/identity/3 \
  --header 'Authorization: Bearer YOUR_TOKEN'

POST /api/identity/:identityId/move

Moves a personal identity into an organization, making it accessible to all organization members. Only the identity’s owner can perform this action.

Path parameters

identityId
string
required
Unique identifier of the personal identity to move.

Request body

organizationId
number
required
ID of the target organization.

Response

message
string
Confirmation message.
identity
object
The updated identity object reflecting its new organization scope.
curl --request POST \
  --url http://your-server:6989/api/identity/3/move \
  --header 'Authorization: Bearer YOUR_TOKEN' \
  --header 'Content-Type: application/json' \
  --data '{"organizationId": 2}'

Build docs developers (and LLMs) love

Get started for freeTalk to us