Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/thenoname-gurl/EcliPanel/llms.txt

Use this file to discover all available pages before exploring further.

User endpoints cover everything from initial account registration through ongoing session management and credential storage. The /api/users/me alias always resolves to the currently authenticated user, making it the recommended starting point for client-side profile fetches.

Profile

Get current user

GET /api/users/me Returns the full profile of the authenticated user. Sensitive fields (passwordHash, active sessions) are stripped from the response. The age and isChildAccount fields are computed server-side from dateOfBirth and the user’s billing country. 
curl https://your-panel.example.com/api/users/me \
  -H "Cookie: session=<token>"
id
number
User ID.
email
string
Email address.
firstName
string
First name.
lastName
string
Last name.
displayName
string
Optional display name overriding first/last.
role
string
System role: user, staff, admin, or rootAdmin.
portalType
string
Portal tier: free, paid, educational, or enterprise.
emailVerified
boolean
Whether the email address has been confirmed.
twoFactorEnabled
boolean
Whether TOTP two-factor authentication is active.
suspended
boolean
Whether the account is currently suspended.
limits
object
Resource limits assigned by the active plan.
settings
object
User-configurable panel settings (theme, locale, etc.).

Get user by ID

GET /api/users/:id
id
number
required
User ID. Use me as an alias for the authenticated user.
Non-admin users can only fetch their own profile. Staff and admin roles can fetch any user.
curl https://your-panel.example.com/api/users/123 \
  -H "Cookie: session=<token>"

Update user

PUT /api/users/:id
id
number
required
User ID.
firstName
string
Updated first name.
lastName
string
Updated last name.
displayName
string
Display name override.
address
string
Billing address line 1.
billingCity
string
Billing city.
billingState
string
Billing state or region.
billingZip
string
Postal/ZIP code.
billingCountry
string
ISO 3166-1 alpha-2 country code.
dateOfBirth
string
Date of birth in YYYY-MM-DD format. Used for age verification.
settings
object
Partial settings object to merge with existing settings.

Registration

Register a new account

POST /api/users/register
Registration may be gated by geo-block rules and feature flags. A 403 response means registration is disabled for the requester’s country or region.
email
string
required
Email address. Must be unique.
password
string
required
Password. Must meet complexity requirements enforced server-side.
firstName
string
required
First name.
lastName
string
required
Last name.
dateOfBirth
string
Date of birth (YYYY-MM-DD). Required in age-restricted regions.
curl -X POST https://your-panel.example.com/api/users/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "player@example.com",
    "password": "S3cur3P@ss!",
    "firstName": "Alex",
    "lastName": "Smith"
  }'
success
boolean
Whether the account was created.
userId
number
Newly created user ID.

Sessions

List active sessions

GET /api/sessions/:userId Returns all active browser sessions for a user.
userId
number
required
User ID. Must match the authenticated user unless the caller has admin privileges.
id
string
Session token identifier.
createdAt
string
ISO 8601 creation timestamp.
ipAddress
string
IP address the session was created from.
userAgent
string
Browser user agent string.

Log out current session

POST /api/sessions/logout Invalidates the caller’s current session cookie. 
curl -X POST https://your-panel.example.com/api/sessions/logout \
  -H "Cookie: session=<token>"

Log out all sessions

POST /api/sessions/logout-all Invalidates every active session for the authenticated user. Use this after a suspected account compromise. 
curl -X POST https://your-panel.example.com/api/sessions/logout-all \
  -H "Cookie: session=<token>"

API keys

List your API keys

GET /api/apikeys/my Returns all API keys belonging to the authenticated user.
id
number
Key ID.
name
string
Key label.
prefix
string
First few characters of the key for identification.
createdAt
string
ISO 8601 creation timestamp.
lastUsedAt
string
ISO 8601 last-use timestamp, or null if unused.
curl https://your-panel.example.com/api/apikeys/my \
  -H "Cookie: session=<token>"

Create API key

POST /api/apikeys
name
string
required
Human-readable label for the key.
curl -X POST https://your-panel.example.com/api/apikeys \
  -H "Cookie: session=<token>" \
  -H "Content-Type: application/json" \
  -d '{"name":"CI/CD deploy key"}'
key
string
The full API key value. This is only returned once—store it immediately.
id
number
Key ID for future management.
The plaintext key value is returned only at creation time. It cannot be retrieved again.

Delete API key

DELETE /api/apikeys/:id
id
number
required
API key ID.
curl -X DELETE https://your-panel.example.com/api/apikeys/5 \
  -H "Cookie: session=<token>"

SSH keys

List SSH keys

GET /api/ssh-keys Returns all SSH public keys stored for the authenticated user.
id
number
Key ID.
name
string
Key label.
fingerprint
string
SHA-256 fingerprint of the public key.
createdAt
string
ISO 8601 creation timestamp.
curl https://your-panel.example.com/api/ssh-keys \
  -H "Cookie: session=<token>"

Add SSH key

POST /api/ssh-keys
name
string
required
Label for this key.
publicKey
string
required
OpenSSH-format public key string.
curl -X POST https://your-panel.example.com/api/ssh-keys \
  -H "Cookie: session=<token>" \
  -H "Content-Type: application/json" \
  -d '{"name":"Laptop","publicKey":"ssh-ed25519 AAAA... user@laptop"}'

Delete SSH key

DELETE /api/ssh-keys/:id
id
number
required
SSH key ID.
curl -X DELETE https://your-panel.example.com/api/ssh-keys/3 \
  -H "Cookie: session=<token>"

Build docs developers (and LLMs) love

Get started for freeTalk to us