You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
portainer/api/api-description.md

2.6 KiB

Portainer API is an HTTP API served by Portainer. It is used by the Portainer UI and everything you can do with the UI can be done using the HTTP API. Examples are available at https://documentation.portainer.io/api/api-examples/ You can find out more about Portainer at http://portainer.io and get some support on Slack.

Authentication

Most of the API endpoints require to be authenticated as well as some level of authorization to be used. Portainer API uses JSON Web Token to manage authentication and thus requires you to provide a token in the Authorization header of each request with the Bearer authentication mechanism.

Example:

Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MSwidXNlcm5hbWUiOiJhZG1pbiIsInJvbGUiOjEsImV4cCI6MTQ5OTM3NjE1NH0.NJ6vE8FY1WG6jsRQzfMqeatJ4vh2TWAeeYfDhP71YEE

Security

Each API endpoint has an associated access policy, it is documented in the description of each endpoint.

Different access policies are available:

  • Public access
  • Authenticated access
  • Restricted access
  • Administrator access

Public access

No authentication is required to access the endpoints with this access policy.

Authenticated access

Authentication is required to access the endpoints with this access policy.

Restricted access

Authentication is required to access the endpoints with this access policy. Extra-checks might be added to ensure access to the resource is granted. Returned data might also be filtered.

Administrator access

Authentication as well as an administrator role are required to access the endpoints with this access policy.

Execute Docker requests

Portainer DO NOT expose specific endpoints to manage your Docker resources (create a container, remove a volume, etc...).

Instead, it acts as a reverse-proxy to the Docker HTTP API. This means that you can execute Docker requests via the Portainer HTTP API.

To do so, you can use the /endpoints/{id}/docker Portainer API endpoint (which is not documented below due to Swagger limitations). This endpoint has a restricted access policy so you still need to be authenticated to be able to query this endpoint. Any query on this endpoint will be proxied to the Docker API of the associated endpoint (requests and responses objects are the same as documented in the Docker API).

NOTE: You can find more information on how to query the Docker API in the Docker official documentation as well as in this Portainer example.