Introduction
CoreSSH can be configured to support operations such as creating, updating, deleting, and querying information via REST API requests. The API endpoints are designed to handle JSON-formatted HTTP requests. These requests will only be accepted if they originate from the same system where the server is running.
The following endpoints are supported:
The following schemas define the objects used by the API:
Authentication
API Key Authentication
CoreSSH Server supports token-based API Key authentication over HTTP. This method allows programmatic access to the CoreSSH REST API. API Keys are created and managed by a CoreSSH Server administrator via the Admin Console.
To perform API Key authentication, follow the below steps.
- Navigate to the Settings page.
- Click Generate API Key... and enter a descriptive name.
- Once created, you will be shown the API Key Token. The token format is: myKey:mOZq4hmSJk4yJzBcFavMVKGXOUwasZfj
- Important: Copy and store the token securely. This is the only time it will be displayed. It is recommended to avoid exposing the API Key in client-side code or version control.
- Use this token in your HTTP requests by including it in the x-coressh-api-key header.
Example:
POST /api/server/start HTTP/1.1
Host: localhost:8123
Accept-Encoding: gzip, deflate
User-Agent: IPWorks HTTP Component - www.nsoftware.com
Connection: close
Content-Length: 0
x-coressh-api-key: myKey:mOZq4hmSJk4yJzBcFavMVKGXOUwasZfj
Example Response:
HTTP/1.1 200 OK
Content-Length: 83
Date: Mon, 31 03 2025 17:31:25
Server: nsoftware HTTP Server
Content-Type: text/html; charset=UTF-8
{"statusCode":200,"message":"Server action executed successfully","serverStatus":1}
Start
POST /api/server/start
Starts the server and allows clients to connect.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the server action was processed successfully. |
| serverStatus | integer |
Indicates the server's status after the request is processed. Possible values are:[
"0 - Stopped",
"1 - Started"
]
|
Example Response
{"statusCode":200,"message":"Server action executed successfully","serverStatus":1}
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Stop
POST /api/server/stop
Stops the server and disconnects all connected clients.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the server action was processed successfully. |
| serverStatus | integer |
Indicates the server's status after the request is processed. Possible values are:[
"0 - Stopped",
"1 - Started"
]
|
Example Response
{"statusCode":200,"message":"Server action executed successfully","serverStatus":0}
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Restart
POST /api/server/restart
Restarts the server and disconnects all connected clients.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the server action was processed successfully. |
| serverStatus | integer |
Indicates the server's status after the request is processed. Possible values are:[
"0 - Stopped",
"1 - Started"
]
|
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Settings
GET /api/settings
Retrieves server configuration settings.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| AllowedClients | string array |
List of clients allowed to connect SSH Server. |
| AllowedAdminClients | string array |
List of clients allowed to connect HTTP Server. |
| AuthMaxAttempts | integer |
Maximum number of authentication attempts allowed. |
| AutoBlockDuration | integer |
Duration for which a client is blocked after exceeding authentication attempts. |
| AutoBlockMaxAuthAttempts | integer |
Maximum authentication attempts before a client is blocked. |
| BlockedClients | string array |
List of blocked clients. |
| BlockedAdminClients | string array |
List of blocked clients. |
| DeleteLogDays | integer |
Number of days after which logs are deleted. |
| EnableCompression | boolean |
Enables or disables data compression. |
| EnablePowershell | boolean |
Enables or disables PowerShell support. |
| EnableSessionManagement | boolean |
Enables or disables session management. |
| EnableSCP | boolean |
Enables or disables SCP protocol. |
| EnableSSHServerOnStartup | boolean |
Enables or disables run SSH Server at Startup. |
| EnableSexec | boolean |
Enables or disables Secure Exec functionality. |
| EnableShell | boolean |
Enables or disables shell access. |
| EnableSFTP | boolean |
Enables or disables SFTP functionality. |
| EnableSSHReverseTunnel | boolean |
Enables or disables SSH reverse tunneling. |
| EnableSSHTunnel | boolean |
Enables or disables SSH tunneling. |
| IdleSessionTimeout | integer |
Timeout for idle sessions in seconds. |
| LocalHost | string |
Local host address. |
| LogEnabled | boolean |
Enables or disables logging to a file. |
| LogSSHPackets | boolean |
Enables or disables logging of SSH packets. |
| LogToFile | string |
The full path to the log file. |
| MatchSSHPublicKeyToUsername | boolean |
Enforces public key to username matching. |
| MaxConnections | integer |
Maximum number of simultaneous connections allowed. |
| PasswordAuthEnabled | boolean |
Enables or disables password authentication. |
| PreserveFileTime | boolean |
Preserves file timestamps when transferring files. |
| LogLevel | integer |
The trace level of the logging from the application. Possible values are:[
"0 - Off",
"1 - Error",
"2 - Warning",
"3 - Info (default)",
"4 - Verbose"
]
|
| RotateLogDays | integer |
Number of days after which logs are rotated. |
| RunProfiles | string |
Profiles used when running CoreSSH. |
| ServerSSHVersionString | string |
Version string for the SSH server. |
| SFTPHomeDirMap | string |
Mapping of home directories for SFTP users. |
| SFTPRootDir | string |
Root directory for SFTP users. |
| ShowHiddenFiles | boolean |
Enables or disables showing hidden files. |
| SSHEncryptionAlgorithms | string array |
List of encryption algorithms supported by SSH. |
| SSHKeyExchangeAlgorithms | string array |
List of key exchange algorithms supported by SSH. |
| SSHKeyRenegotiationThreshold | integer |
Threshold after which SSH keys are renegotiated. |
| SSHMacAlgorithms | string array |
List of MAC algorithms supported by SSH. |
| SSHPort | integer |
Port used for SSH connections. |
| SSHPublicKeyEnabled | boolean |
Enables or disables public key authentication. |
| SSHPublicKeyFileName | string |
File name for the SSH public key. |
| SSHUseStrictKeyExchange | integer |
Controls whether strict key exchange (strict kex) is enabled to mitigate the Terrapin attack. Possible values are:[
"0 - Disabled",
"1 - Enabled but not enforced (default)",
"2 - Enabled but reject affected algorithms",
"3 - Required"
]
|
| UseFIPSCompliantAPI | boolean |
Enables or disables the use of FIPS-compliant API. |
| UseIPv6 | boolean |
Enables or disables IPv6 support. |
| UserAuthBanner | string |
Banner displayed during user authentication. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Save Settings
POST /api/settings
Applies configuration settings to the server.
Request Body
Any number of the following name-value pairs.
Content-type: application/json| Name | Type | Description |
|---|---|---|
|
AllowedClients
(optional) |
array |
List of clients allowed to connect SSH Server. |
|
AllowedAdminClients
(optional) |
array |
List of clients allowed to connect HTTP Server. |
|
AuthMaxAttempts
(optional) |
integer |
Maximum number of authentication attempts allowed. |
|
AutoBlockDuration
(optional) |
integer |
Duration for which a client is blocked after exceeding authentication attempts. |
|
AutoBlockMaxAuthAttempts
(optional) |
integer |
Maximum authentication attempts before a client is blocked. |
|
BlockedClients
(optional) |
array |
List of blocked clients. |
|
BlockedAdminClients
(optional) |
array |
List of blocked clients. |
|
DeleteLogDays
(optional) |
integer |
Number of days after which logs are deleted. |
|
EnableCompression
(optional) |
boolean |
Enables or disables data compression. |
|
EnablePowershell
(optional) |
boolean |
Enables or disables PowerShell support. |
|
EnableSessionManagement
(optional) |
boolean |
Enables or disables session management. |
|
EnableSCP
(optional) |
boolean |
Enables or disables SCP protocol. |
|
EnableSSHServerOnStartup
(optional) |
boolean |
Enables or disables run SSH Server at Startup. |
|
EnableSexec
(optional) |
boolean |
Enables or disables Secure Exec functionality. |
|
EnableShell
(optional) |
boolean |
Enables or disables shell access. |
|
EnableSFTP
(optional) |
boolean |
Enables or disables SFTP functionality. |
|
EnableSSHReverseTunnel
(optional) |
boolean |
Enables or disables SSH reverse tunneling. |
|
EnableSSHTunnel
(optional) |
boolean |
Enables or disables SSH tunneling. |
|
IdleSessionTimeout
(optional) |
integer |
Timeout for idle sessions in seconds. |
|
LocalHost
(optional) |
string |
Local host address. |
|
LogEnabled
(optional) |
boolean |
Enables or disables logging to a file. |
|
LogSSHPackets
(optional) |
boolean |
Enables or disables logging of SSH packets. |
|
LogToFile
(optional) |
string |
The full path to the log file. |
|
MatchSSHPublicKeyToUsername
(optional) |
boolean |
Enforces public key to username matching. |
|
MaxConnections
(optional) |
integer |
Maximum number of simultaneous connections allowed. |
|
PasswordAuthEnabled
(optional) |
boolean |
Enables or disables password authentication. |
|
PreserveFileTime
(optional) |
boolean |
Preserves file timestamps when transferring files. |
|
LogLevel
(optional) |
integer |
The trace level of the logging from the application. Possible values are:[
"0 - Off",
"1 - Error",
"2 - Warning",
"3 - Info (default)",
"4 - Verbose"
]
|
|
RotateLogDays
(optional) |
integer |
Number of days after which logs are rotated. |
|
RunProfiles
(optional) |
string |
Profiles used when running CoreSSH. |
|
ServerSSHVersionString
(optional) |
string |
Version string for the SSH server. |
|
SFTPHomeDirMap
(optional) |
string |
Mapping of home directories for SFTP users. |
|
SFTPRootDir
(optional) |
string |
Root directory for SFTP users. |
|
ShowHiddenFiles
(optional) |
boolean |
Enables or disables showing hidden files. |
|
SSHEncryptionAlgorithms
(optional) |
array |
List of encryption algorithms supported by SSH. |
|
SSHKeyExchangeAlgorithms
(optional) |
array |
List of key exchange algorithms supported by SSH. |
|
SSHKeyRenegotiationThreshold
(optional) |
integer |
Threshold after which SSH keys are renegotiated. |
|
SSHMacAlgorithms
(optional) |
array |
List of MAC algorithms supported by SSH. |
|
SSHPort
(optional) |
integer |
Port used for SSH connections. |
|
SSHPublicKeyEnabled
(optional) |
boolean |
Enables or disables public key authentication. |
|
SSHPublicKeyFileName
(optional) |
string |
File name for the SSH public key. |
|
SSHUseStrictKeyExchange
(optional) |
integer |
Controls whether strict key exchange (strict kex) is enabled to mitigate the Terrapin attack. Possible values are:[
"0 - Disabled",
"1 - Enabled but not enforced (default)",
"2 - Enabled but reject affected algorithms",
"3 - Required"
]
|
|
UseFIPSCompliantAPI
(optional) |
boolean |
Enables or disables the use of FIPS-compliant API. |
|
UseIPv6
(optional) |
boolean |
Enables or disables IPv6 support. |
|
UserAuthBanner
(optional) |
string |
Banner displayed during user authentication. |
Examples
Example Request
{"SSHPort":2022,"EnableSCP":true,"LogEnabled":false}
Responses
OK
Content-type:Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Logs
GET /api/logs
Retrieves the current window of logs.
Request Query Parameters
| Name | Type | Description |
|---|---|---|
|
allLogs
optional |
boolean |
Whether to return all saved logs in the server or the new logs only. Possible values are:["0 - Disabled (default)","1 - Enabled"]
|
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| logs | string |
The current window of logs in the server. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Info
GET /api/info
Retrieves the current status and information of the server.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| version | string |
The build number of CoreSSH installed. |
Example
{"version":"24.0.8930"}
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Status
GET /api/status
Retrieves the current status and information of the server.
Request Query Parameters
| Name | Type | Description |
|---|---|---|
|
exclude
optional |
string |
Comma-separated list of data to exclude from the response. Possible values are:["serverStatus","logs","stats","sessions"]
|
|
allLogs
optional |
boolean |
Whether to return all saved logs in the server or the new logs only. Possible values are:["0 - Disabled (default)","1 - Enabled"]
|
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| serverStatus | integer |
Indicates the server's status after the request is processed. Possible values are:[
"0 - Stopped",
"1 - Started"
]
|
| logs | string |
The current window of logs in the server. |
| stats | StatsListItem |
Contains various statistics related to the server. |
| sessions | SessionListItem |
Returns the currently connected sessions. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Sessions
GET /api/sessions
Retrieves all current connections.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| Address | string |
IP address of the connnecting client. |
| User | string |
User for this session. |
| ConnectionTime | string |
Duration of the active connection. The format is "d.hh:mm:ss". |
| ConnectionId | string |
The ID of the client connection. |
Example
[{"Address":"127.0.0.1","User":"testuser","ConnectionTime":"0.00:00:00","ConnectionId":123456789}]
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Disconnect Session
POST /api/sessions/{address}
Disconnects the session for the specified client address.
Request Body
A valid value for the request body is required when performing this operation.
| Name | Type | Description |
|---|---|---|
| sessionAction | string |
Action to perform. Possible values are:[
"disconnect"
]
|
Examples
Example Request
{"sessionAction":"disconnect"}
Responses
OK
Provides confirmation after a successful operation.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the request was processed successfully. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Host Keys
GET /api/hostkeys
Retrieves details of all server host keys.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| alg | string |
The algorithm of the host key. |
| enabled | boolean |
Whether the host key is enabled. |
| keySize | integer |
The length of the host key in bits. |
| fingerprint | string |
The hex-encoded fingerprint of the host key, derived using SHA-256. |
Example
[{"alg":"RSA","enabled":true,"keySize":3072,"fingerprint":"d2:84:a5:f0:45:89:06:fb:2a:80:7e:3e:56:f1:c6:12:56:a1:79:0b:af:0b:4a:ee:8d:8f:ff:78:38:72:bc:8c"},{"alg":"ECDSA","enabled":false,"keySize":384,"fingerprint":"e4:1e:4e:1b:95:47:99:0e:3b:7e:9b:44:f0:3d:98:f8:69:9c:2c:93:df:6d:84:3e:58:c0:cf:9f:6a:09:92:a5:4e"},{"alg":"Ed25519","enabled":true,"keySize":255,"fingerprint":"6d:fd:5d:9a:4b:12:66:aa:89:5b:1b:e7:31:54:55:fd:4e:76:85:77:db:a3:fc:82:9d:ed:ba:af:bc:29:aa:e8"}]
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Update Host Key
POST /api/hostkeys/{alg}
Generates a new key or updates the status of an existing key for the specified algorithm.
Request Body
| Name | Type | Description |
|---|---|---|
|
generate
(optional) |
boolean |
Generate new key. Possible values are:[
true
]
|
|
enabled
(optional) |
boolean |
Whether key will be enabled. If omitted the state is not changed. Possible values are:[
false,
true
]
|
|
keySize
(optional) |
integer |
The length of the key in bits. For RSA keys valid values are 2048, 3072 (default), and 4096. For ECDSA keys valid values are 256 (default), 384, and 521. For Ed25519 keys the length is always 256. Possible values are:[
256,
384,
521,
2048,
3072,
4096
]
|
Examples
Example Request
{"generate":true,"enabled":true,"keySize":384}
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| alg | string |
The algorithm of the host key. |
| enabled | boolean |
Whether the host key is enabled. |
| keySize | integer |
The length of the host key in bits. |
| fingerprint | string |
The hex-encoded fingerprint of the host key, derived using SHA-256. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Users
GET /api/users
Retrieves all currently configured users.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the user. |
| displayName | string |
The display name of the user. |
| rootDirectory | string |
The root directory of the user. |
| enabled | boolean |
Whether the user is enabled or disabled. |
Example
[{"name":"testUser","displayName":"testUser","rootDirectory":"/path/to/root/directory","enabled":true},{"name":"virtualUser","displayName":"virtualUser","rootDirectory":"/path/to/another/directory","enabled":true}]
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Create User
POST /api/users
Creates a new user on the server.
Request Body
Describes a user settings.
Content-type: application/json| Name | Type | Description |
|---|---|---|
|
name
(optional) |
string |
The name of the user. |
|
displayName
(optional) |
string |
The display name of the user. |
|
rootDirectory
(optional) |
string |
The root directory of the user. |
|
readOnly
(optional) |
boolean |
The access of the user. |
|
authenticationType
(optional) |
integer |
The authentication type of the user. Possible values are:[
"0 - Password",
"1 - Public key",
"3 - Multi-factor",
"4 - Windows"
]
|
|
password
(optional) |
string |
The password of the user. |
|
publicKey
(optional) |
string |
The public key of the user. |
|
enabled
(optional) |
boolean |
Whether the user is enabled or not. |
Examples
Example Request
{"name":"virtualUser","enabled":true,"rootDirectory":"C:\\temp","authenticationType":0,"password":"pass"}
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the user. |
| displayName | string |
The display name of the user. |
| rootDirectory | string |
The root directory of the user. |
| readOnly | boolean |
The access of the user. |
| authenticationType | integer |
The authentication type of the user. Possible values are:[
"0 - Password",
"1 - Public key",
"3 - Multi-factor",
"4 - Windows"
]
|
| password | string |
The password of the user. |
| publicKey | string |
The public key of the user. |
| enabled | boolean |
Whether the user is enabled or not. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get User
GET /api/users/{name}
Retrieves configuration settings for the specified user.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the user. |
| displayName | string |
The display name of the user. |
| rootDirectory | string |
The root directory of the user. |
| readOnly | boolean |
The access of the user. |
| authenticationType | integer |
The authentication type of the user. Possible values are:[
"0 - Password",
"1 - Public key",
"3 - Multi-factor",
"4 - Windows"
]
|
| password | string |
The password of the user. |
| publicKey | string |
The public key of the user. |
| enabled | boolean |
Whether the user is enabled or not. |
Example
{"name":"virtualUser","displayName":"virtualUser","rootDirectory":"/path/to/root/directory","readOnly":true,"authenticationType":0,"password":"pass","publicKey":"","enabled":true}
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Save User
PUT /api/users/{name}
Applies user configuration to the server.
Request Body
Describes a user settings.
Content-type: application/json| Name | Type | Description |
|---|---|---|
|
name
(optional) |
string |
The name of the user. |
|
displayName
(optional) |
string |
The display name of the user. |
|
rootDirectory
(optional) |
string |
The root directory of the user. |
|
readOnly
(optional) |
boolean |
The access of the user. |
|
authenticationType
(optional) |
integer |
The authentication type of the user. Possible values are:[
"0 - Password",
"1 - Public key",
"3 - Multi-factor",
"4 - Windows"
]
|
|
password
(optional) |
string |
The password of the user. |
|
publicKey
(optional) |
string |
The public key of the user. |
|
enabled
(optional) |
boolean |
Whether the user is enabled or not. |
Examples
Example Request
{"displayName":"newDisplayName","enabled":false}
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the user. |
| displayName | string |
The display name of the user. |
| rootDirectory | string |
The root directory of the user. |
| readOnly | boolean |
The access of the user. |
| authenticationType | integer |
The authentication type of the user. Possible values are:[
"0 - Password",
"1 - Public key",
"3 - Multi-factor",
"4 - Windows"
]
|
| password | string |
The password of the user. |
| publicKey | string |
The public key of the user. |
| enabled | boolean |
Whether the user is enabled or not. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Delete User
DELETE /api/users/{name}
Deletes the specified user.
Request Body
Examples
Example cURL Request
curl -X DELETE http://127.0.0.1:8123/api/users/test -H \u0022x-coressh-api-key: test:UyP0R6hLA22pVo-Q5-oqatC89JB98h8g\u0022
Responses
OK
Provides confirmation after a successful operation.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the request was processed successfully. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Windows Objects
GET /api/listwindowsobjects
Retrieves all Windows objects.
Request Query Parameters
| Name | Type | Description |
|---|---|---|
| type | string |
The name of the object. Possible values are:["User","Group"]
|
Responses
OK
Content-type: application/jsonExample
[{"name":"BUILTIN\\Administrators"},{"name":"BUILTIN\\Users"}]
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Groups
GET /api/groups
Retrieves all currently configured Windows groups.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the group. |
| rootDirectory | string |
The root directory of the group. |
| enabled | boolean |
Whether the group is enabled or disabled. |
Example
[{"name":"BUILTIN\\Administrators","rootDirectory":"/path/to/root/directory","enabled":true},{"name":"BUILTIN\\Users","rootDirectory":"/path/to/root/directory","enabled":false}]
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Create Group
POST /api/groups
Creates a Windows group.
Request Body
Describes a Windows group settings.
Content-type: application/json| Name | Type | Description |
|---|---|---|
|
name
(optional) |
string |
The name of the group. |
|
rootDirectory
(optional) |
string |
The root directory of the group. |
|
readOnly
(optional) |
boolean |
The access of the group. |
|
authenticationType
(optional) |
integer |
The authentication type of the group. Possible values are:[
"0 - Allow any of the enabled mechanisms (default)",
"1 - Multi-factor"
]
|
|
enabled
(optional) |
boolean |
Whether the group is enabled or not. |
|
enablePassword
(optional) |
boolean |
Whether the server will allow password authentication via Windows mechanisms. |
|
enablePublicKey
(optional) |
boolean |
Whether the server will allow windows store based public key authentication for the user. |
|
enableGSSAPI
(optional) |
boolean |
Whether the server will allow GSSAPI authentication mode for the user. |
|
logonType
(optional) |
integer |
The type of logon scenario performed by the application when attempting to authenticate users. |
|
mechanisms
(optional) |
integer |
Specifies the GSSAPI authentication mechansism to be used. Possible values are:[
"0 - All",
"1 - Kerberos",
"2 - NTLM (default)"
]
|
|
storeName
(optional) |
string |
The name of the predefined system store where client certificates are located. Predefined system certificate store names include: 'My', 'Root', 'Trust', 'CA', and more. |
|
storeType
(optional) |
integer |
The type of the predefined system store where client certificates are located. Possible values are:[
"0 - User (default)",
"1 - Machine"
]
|
Examples
Example Request
{"name":"BUILTIN\\Administrators","enabled":true,"rootDirectory":"C:\\temp","enablePassword":true}
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the group. |
| rootDirectory | string |
The root directory of the group. |
| readOnly | boolean |
The access of the group. |
| authenticationType | integer |
The authentication type of the group. Possible values are:[
"0 - Allow any of the enabled mechanisms (default)",
"1 - Multi-factor"
]
|
| enabled | boolean |
Whether the group is enabled or not. |
| enablePassword | boolean |
Whether the server will allow password authentication via Windows mechanisms. |
| enablePublicKey | boolean |
Whether the server will allow windows store based public key authentication for the user. |
| enableGSSAPI | boolean |
Whether the server will allow GSSAPI authentication mode for the user. |
| logonType | integer |
The type of logon scenario performed by the application when attempting to authenticate users. |
| mechanisms | integer |
Specifies the GSSAPI authentication mechansism to be used. Possible values are:[
"0 - All",
"1 - Kerberos",
"2 - NTLM (default)"
]
|
| storeName | string |
The name of the predefined system store where client certificates are located. Predefined system certificate store names include: 'My', 'Root', 'Trust', 'CA', and more. |
| storeType | integer |
The type of the predefined system store where client certificates are located. Possible values are:[
"0 - User (default)",
"1 - Machine"
]
|
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get Group
GET /api/groups/{name}
Retrieves details about the specified Windows group.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the group. |
| rootDirectory | string |
The root directory of the group. |
| readOnly | boolean |
The access of the group. |
| authenticationType | integer |
The authentication type of the group. Possible values are:[
"0 - Allow any of the enabled mechanisms (default)",
"1 - Multi-factor"
]
|
| enabled | boolean |
Whether the group is enabled or not. |
| enablePassword | boolean |
Whether the server will allow password authentication via Windows mechanisms. |
| enablePublicKey | boolean |
Whether the server will allow windows store based public key authentication for the user. |
| enableGSSAPI | boolean |
Whether the server will allow GSSAPI authentication mode for the user. |
| logonType | integer |
The type of logon scenario performed by the application when attempting to authenticate users. |
| mechanisms | integer |
Specifies the GSSAPI authentication mechansism to be used. Possible values are:[
"0 - All",
"1 - Kerberos",
"2 - NTLM (default)"
]
|
| storeName | string |
The name of the predefined system store where client certificates are located. Predefined system certificate store names include: 'My', 'Root', 'Trust', 'CA', and more. |
| storeType | integer |
The type of the predefined system store where client certificates are located. Possible values are:[
"0 - User (default)",
"1 - Machine"
]
|
Example
{"name":"BUILTIN\\Administrators","rootDirectory":"/path/to/root/directory","readOnly":false,"authenticationType":4,"enabled":true,"enablePassword":true,"enablePublicKey":false,"enableGSSAPI":false,"logonType":0,"mechanisms":0,"storeName":"","storeType":0}
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Save Group
PUT /api/groups/{name}
Applies Windows group configuration to the server.
Request Body
Describes a Windows group settings.
Content-type: application/json| Name | Type | Description |
|---|---|---|
|
name
(optional) |
string |
The name of the group. |
|
rootDirectory
(optional) |
string |
The root directory of the group. |
|
readOnly
(optional) |
boolean |
The access of the group. |
|
authenticationType
(optional) |
integer |
The authentication type of the group. Possible values are:[
"0 - Allow any of the enabled mechanisms (default)",
"1 - Multi-factor"
]
|
|
enabled
(optional) |
boolean |
Whether the group is enabled or not. |
|
enablePassword
(optional) |
boolean |
Whether the server will allow password authentication via Windows mechanisms. |
|
enablePublicKey
(optional) |
boolean |
Whether the server will allow windows store based public key authentication for the user. |
|
enableGSSAPI
(optional) |
boolean |
Whether the server will allow GSSAPI authentication mode for the user. |
|
logonType
(optional) |
integer |
The type of logon scenario performed by the application when attempting to authenticate users. |
|
mechanisms
(optional) |
integer |
Specifies the GSSAPI authentication mechansism to be used. Possible values are:[
"0 - All",
"1 - Kerberos",
"2 - NTLM (default)"
]
|
|
storeName
(optional) |
string |
The name of the predefined system store where client certificates are located. Predefined system certificate store names include: 'My', 'Root', 'Trust', 'CA', and more. |
|
storeType
(optional) |
integer |
The type of the predefined system store where client certificates are located. Possible values are:[
"0 - User (default)",
"1 - Machine"
]
|
Examples
Example Request
{"enablePassword":false,"enablePublicKey":true}
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the group. |
| rootDirectory | string |
The root directory of the group. |
| readOnly | boolean |
The access of the group. |
| authenticationType | integer |
The authentication type of the group. Possible values are:[
"0 - Allow any of the enabled mechanisms (default)",
"1 - Multi-factor"
]
|
| enabled | boolean |
Whether the group is enabled or not. |
| enablePassword | boolean |
Whether the server will allow password authentication via Windows mechanisms. |
| enablePublicKey | boolean |
Whether the server will allow windows store based public key authentication for the user. |
| enableGSSAPI | boolean |
Whether the server will allow GSSAPI authentication mode for the user. |
| logonType | integer |
The type of logon scenario performed by the application when attempting to authenticate users. |
| mechanisms | integer |
Specifies the GSSAPI authentication mechansism to be used. Possible values are:[
"0 - All",
"1 - Kerberos",
"2 - NTLM (default)"
]
|
| storeName | string |
The name of the predefined system store where client certificates are located. Predefined system certificate store names include: 'My', 'Root', 'Trust', 'CA', and more. |
| storeType | integer |
The type of the predefined system store where client certificates are located. Possible values are:[
"0 - User (default)",
"1 - Machine"
]
|
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Delete Group
DELETE /api/groups/{name}
Deletes the specified Windows group.
Responses
OK
Provides confirmation after a successful operation.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the request was processed successfully. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Get API Keys
GET /api/apikeys
Retrieves all currently configured API keys.
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| keyName | string |
The description of the API key. |
Example
[{"keyName":"testKey"},{"keyName":"backupKey"},{"keyName":"externalKey"}]
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Create API Key
POST /api/apikeys
Creates a new API key.
Request Body
| Name | Type | Description |
|---|---|---|
|
keyName
(optional) |
string |
Description for the new key. |
Responses
OK
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| keyName | string |
The description of the API key. |
| apiKey | string |
The 32-character long API key, randomly generated, base64URL encoded, and prefixed by the key name. Warning: The generated key is shown only once. |
Example
{"keyName":"testKey","apiKey":"testKey:UyP0R6hLA22pVo-Q5-oqatC89JB98h8g"}
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Delete API Key
DELETE /api/apikeys/{keyName}
Deletes the specified API key.
Responses
OK
Provides confirmation after a successful operation.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the request was processed successfully. |
Bad Request
Contains information pertaining to the error.
Content-type: application/jsonProperties
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
Schemas
ErrorResponse
Contains information pertaining to the error.
| Name | Type | Description |
|---|---|---|
| errorCode | integer |
A identifier indicating the type of error encountered. |
| errorMessage | string |
A string providing details about the error encountered. |
SuccessResponse
Provides confirmation after a successful operation.
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the request was processed successfully. |
ServerActionListItem
| Name | Type | Description |
|---|---|---|
| statusCode | integer |
The HTTP status code returned upon successful execution of the request. A value of 200 indicates success. |
| message | string |
A confirmation message indicating the server action was processed successfully. |
| serverStatus | integer |
Indicates the server's status after the request is processed. Possible values are:[
"0 - Stopped",
"1 - Started"
]
|
StatsListItem
Contains various statistics related to the server.
| Name | Type | Description |
|---|---|---|
| errorCount | integer |
Total number of errors. |
| bytesReceived | integer |
Total amount of bytes received by the server during runtime. |
| serverUptime | string |
The duration of time the server has been running since the last reboot. The format is "d.hh:mm:ss". |
| clientCount | integer |
The number of clients currently connected to the server. |
StatusListItem
| Name | Type | Description |
|---|---|---|
| serverStatus | integer |
Indicates the server's status after the request is processed. Possible values are:[
"0 - Stopped",
"1 - Started"
]
|
| logs | string |
The current window of logs in the server. |
| stats | StatsListItem |
Contains various statistics related to the server. |
| sessions | SessionListItem |
Returns the currently connected sessions. |
ServerSettings
Any number of the following name-value pairs.
| Name | Type | Description |
|---|---|---|
| AllowedClients | string array |
List of clients allowed to connect SSH Server. |
| AllowedAdminClients | string array |
List of clients allowed to connect HTTP Server. |
| AuthMaxAttempts | integer |
Maximum number of authentication attempts allowed. |
| AutoBlockDuration | integer |
Duration for which a client is blocked after exceeding authentication attempts. |
| AutoBlockMaxAuthAttempts | integer |
Maximum authentication attempts before a client is blocked. |
| BlockedClients | string array |
List of blocked clients. |
| BlockedAdminClients | string array |
List of blocked clients. |
| DeleteLogDays | integer |
Number of days after which logs are deleted. |
| EnableCompression | boolean |
Enables or disables data compression. |
| EnablePowershell | boolean |
Enables or disables PowerShell support. |
| EnableSessionManagement | boolean |
Enables or disables session management. |
| EnableSCP | boolean |
Enables or disables SCP protocol. |
| EnableSSHServerOnStartup | boolean |
Enables or disables run SSH Server at Startup. |
| EnableSexec | boolean |
Enables or disables Secure Exec functionality. |
| EnableShell | boolean |
Enables or disables shell access. |
| EnableSFTP | boolean |
Enables or disables SFTP functionality. |
| EnableSSHReverseTunnel | boolean |
Enables or disables SSH reverse tunneling. |
| EnableSSHTunnel | boolean |
Enables or disables SSH tunneling. |
| IdleSessionTimeout | integer |
Timeout for idle sessions in seconds. |
| LocalHost | string |
Local host address. |
| LogEnabled | boolean |
Enables or disables logging to a file. |
| LogSSHPackets | boolean |
Enables or disables logging of SSH packets. |
| LogToFile | string |
The full path to the log file. |
| MatchSSHPublicKeyToUsername | boolean |
Enforces public key to username matching. |
| MaxConnections | integer |
Maximum number of simultaneous connections allowed. |
| PasswordAuthEnabled | boolean |
Enables or disables password authentication. |
| PreserveFileTime | boolean |
Preserves file timestamps when transferring files. |
| LogLevel | integer |
The trace level of the logging from the application. Possible values are:[
"0 - Off",
"1 - Error",
"2 - Warning",
"3 - Info (default)",
"4 - Verbose"
]
|
| RotateLogDays | integer |
Number of days after which logs are rotated. |
| RunProfiles | string |
Profiles used when running CoreSSH. |
| ServerSSHVersionString | string |
Version string for the SSH server. |
| SFTPHomeDirMap | string |
Mapping of home directories for SFTP users. |
| SFTPRootDir | string |
Root directory for SFTP users. |
| ShowHiddenFiles | boolean |
Enables or disables showing hidden files. |
| SSHEncryptionAlgorithms | string array |
List of encryption algorithms supported by SSH. |
| SSHKeyExchangeAlgorithms | string array |
List of key exchange algorithms supported by SSH. |
| SSHKeyRenegotiationThreshold | integer |
Threshold after which SSH keys are renegotiated. |
| SSHMacAlgorithms | string array |
List of MAC algorithms supported by SSH. |
| SSHPort | integer |
Port used for SSH connections. |
| SSHPublicKeyEnabled | boolean |
Enables or disables public key authentication. |
| SSHPublicKeyFileName | string |
File name for the SSH public key. |
| SSHUseStrictKeyExchange | integer |
Controls whether strict key exchange (strict kex) is enabled to mitigate the Terrapin attack. Possible values are:[
"0 - Disabled",
"1 - Enabled but not enforced (default)",
"2 - Enabled but reject affected algorithms",
"3 - Required"
]
|
| UseFIPSCompliantAPI | boolean |
Enables or disables the use of FIPS-compliant API. |
| UseIPv6 | boolean |
Enables or disables IPv6 support. |
| UserAuthBanner | string |
Banner displayed during user authentication. |
SessionListItem
Created when a user connects to the server.
| Name | Type | Description |
|---|---|---|
| Address | string |
IP address of the connnecting client. |
| User | string |
User for this session. |
| ConnectionTime | string |
Duration of the active connection. The format is "d.hh:mm:ss". |
| ConnectionId | string |
The ID of the client connection. |
HostkeyListItem
Describes a host key list item.
| Name | Type | Description |
|---|---|---|
| alg | string |
The algorithm of the host key. |
| enabled | boolean |
Whether the host key is enabled. |
| keySize | integer |
The length of the host key in bits. |
| fingerprint | string |
The hex-encoded fingerprint of the host key, derived using SHA-256. |
UserListItem
Describes a user list item.
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the user. |
| displayName | string |
The display name of the user. |
| rootDirectory | string |
The root directory of the user. |
| enabled | boolean |
Whether the user is enabled or disabled. |
UserSettings
Describes a user settings.
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the user. |
| displayName | string |
The display name of the user. |
| rootDirectory | string |
The root directory of the user. |
| readOnly | boolean |
The access of the user. |
| authenticationType | integer |
The authentication type of the user. Possible values are:[
"0 - Password",
"1 - Public key",
"3 - Multi-factor",
"4 - Windows"
]
|
| password | string |
The password of the user. |
| publicKey | string |
The public key of the user. |
| enabled | boolean |
Whether the user is enabled or not. |
GroupListItem
Describes a group list item.
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the group. |
| rootDirectory | string |
The root directory of the group. |
| enabled | boolean |
Whether the group is enabled or disabled. |
GroupSettings
Describes a Windows group settings.
| Name | Type | Description |
|---|---|---|
| name | string |
The name of the group. |
| rootDirectory | string |
The root directory of the group. |
| readOnly | boolean |
The access of the group. |
| authenticationType | integer |
The authentication type of the group. Possible values are:[
"0 - Allow any of the enabled mechanisms (default)",
"1 - Multi-factor"
]
|
| enabled | boolean |
Whether the group is enabled or not. |
| enablePassword | boolean |
Whether the server will allow password authentication via Windows mechanisms. |
| enablePublicKey | boolean |
Whether the server will allow windows store based public key authentication for the user. |
| enableGSSAPI | boolean |
Whether the server will allow GSSAPI authentication mode for the user. |
| logonType | integer |
The type of logon scenario performed by the application when attempting to authenticate users. |
| mechanisms | integer |
Specifies the GSSAPI authentication mechansism to be used. Possible values are:[
"0 - All",
"1 - Kerberos",
"2 - NTLM (default)"
]
|
| storeName | string |
The name of the predefined system store where client certificates are located. Predefined system certificate store names include: 'My', 'Root', 'Trust', 'CA', and more. |
| storeType | integer |
The type of the predefined system store where client certificates are located. Possible values are:[
"0 - User (default)",
"1 - Machine"
]
|
APIKeyListItem
Describes an API key list item.
| Name | Type | Description |
|---|---|---|
| keyName | string |
The description of the API key. |
APIKeySettings
Describes an API key settings.
| Name | Type | Description |
|---|---|---|
| keyName | string |
The description of the API key. |
| apiKey | string |
The 32-character long API key, randomly generated, base64URL encoded, and prefixed by the key name. Warning: The generated key is shown only once. |