How to troubleshoot the error “Unable to create to API tokens for resellers accounts ” ?

Can’t able to create API tokens for resellers Accounts

We as a whole realize that an API Token is a novel identifier of an application programming which requires service/cPanel access. The token produced can be coordinated with the one effectively connected keeping in mind the end goal to verify. An API token means the username/password word blend over HTTP which isn’t precisely a safe transmission source. The direct connecting to specialist organization facilitates and attaches up the client control process. The direct connecting to the server is a vital component of the API Token.

On cPanel servers you can generate an API token via WHM >> Development Manage API Tokens. some time the API token creation for a reseller account leads errors, here we can discuss some common errors.

1. The system failed to create the API token: Invalid or unauthorized ACL specified: frontpage

This error is due to the invalid ‘frontpage’ ACL that was still left in /var/cpanel/resellers for the users (take an example “user1”).

In order to resolve this issue

1. Make a backup of your old file /var/cpanel/resellers

# cp -v /var/cpanel/resellers{,.backup.9558369}
‘/var/cpanel/resellers’ -> ‘/var/cpanel/resellers.backup.9558369’

2. remove this invalid ACL for the “user1”,
# sed -i ‘s/frontpage,//g’ /var/cpanel/resellers

save the file and restart the cPanel will solve this issue.

If you are experiencing this issue with other users as well, the “frontpage” ACL can be globally removed from the file with this command:

sed -i.bak ‘s/frontpage,//g’ /var/cpanel/resellers

This would remove the frontpage ACL from the other users as well.

A sample /var/cpanel/resellers file should like this,

user1:acct-summary,add-pkg,allow-addoncreate,allow-parkedcreate,allow-unlimited-bw-pkgs,allow-unlimited-disk-pkgs,allow-unlimited-pkgs,basic-system-info,basic-whm-functions,cors-proxy-get,cpanel-api,cpanel-integration,create-acct,create-dns,create-user-session,digest-auth,edit-account,edit-dns,edit-mx,edit-pkg,frontpage,generate-email-config,kill-acct,kill-dns,limit-bandwidth,list-accts,list-pkgs,mailcheck,manage-api-tokens,manage-dns-records,manage-oidc,manage-styles,mysql-info,news,ns-config,park-dns,passwd,public-contact,quota,show-bandwidth,ssl,ssl-gencrt,ssl-info,stats,status,suspend-acct,track-email,upgrade-account

2. Sometimes you may see the below error while generating API Tokens

The system failed to create the API token: Invalid or unauthorized ACLs specified: disallow-shell and frontpage

The ‘disallow-shell’ error is due to that being a setting that used to exist in older versions of cPanel, but it was removed at some point (not in v70, but even earlier than that). By adding the missing reseller options will fix the issue.

The below scripts will add these missing options,

/scripts/fix_reseller_acls –fix-disallow-shell –all-resellers –all-acl-lists

for adding these options for the single user, please follow the below scripts

/usr/local/cpanel/scripts/fix_reseller_acls –add-default-privs –reseller user1

This will help you to create API tokens without any issues.