Application API

The Application API provides administrative access to manage the entire Pterodactyl Panel. These endpoints require administrative privileges and are designed for panel automation, integration with external systems, and comprehensive server management.

Base URL

https://your-panel.com/api/application

Authentication

All Application API requests require an Application API key with administrative privileges:

curl "https://your-panel.com/api/application/users" \
  -H "Authorization: Bearer ptla_YOUR_APPLICATION_API_KEY" \
  -H "Accept: Application/vnd.pterodactyl.v1+json"

Administrative Access Required

These endpoints require administrative privileges and should only be used by trusted applications with proper authentication. Application API keys provide full panel access.

API Sections

User Management

Complete user lifecycle management for the panel.

• List All Users - Retrieve all panel users with filtering and pagination
• Get User Details - View detailed user information
• Create User - Add new users to the panel
• Update User - Modify user information and permissions
• Delete User - Remove users from the panel

Server Management

Administrative server operations and lifecycle management.

• List All Servers - View all servers in the panel
• Get Server Details - Detailed server information
• Create Server - Deploy new servers programmatically
• Update Server Details - Modify server information
• Update Build Configuration - Change resource limits
• Update Startup Settings - Modify startup commands and variables
• Suspend/Unsuspend Server - Manage server suspension status
• Reinstall Server - Trigger server reinstallation
• Delete Server - Remove servers from the panel

Node Management

Wings daemon node administration and configuration.

• List All Nodes - View all Wings nodes
• Get Node Details - Detailed node information
• Create Node - Add new Wings nodes
• Update Node - Modify node configuration
• Get Node Configuration - Wings configuration file
• List Node Allocations - View port allocations
• Create Allocations - Add new port allocations
• Delete Allocation - Remove specific allocations
• Delete Node - Remove nodes from the panel

Location Management

Geographic organization and data center management.

• List All Locations - View all configured locations
• Get Location Details - Detailed location information
• Create Location - Add new locations
• Update Location - Modify location information
• Delete Location - Remove locations from the panel

Nests & Eggs Management

Server type and configuration management for game servers and applications.

• List All Nests - View all server type categories
• Get Nest Details - Detailed nest information
• List Nest Eggs - View server configurations within a nest
• Get Egg Details - Detailed egg configuration

Common Features

Filtering and Pagination

Most list endpoints support advanced filtering and pagination:

# Filter users by email domain
GET /api/application/users?filter[email]=@example.com

# Paginate results
GET /api/application/servers?page=2&per_page=25

# Sort by creation date
GET /api/application/nodes?sort=-created_at

Relationship Inclusion

Include related data in responses:

# Include servers with user data
GET /api/application/users/1?include=servers

# Include allocations and location with node
GET /api/application/nodes/1?include=allocations,location

Response Format

All responses follow consistent formatting:

{
  "object": "list|resource_type",
  "data": [ /* resource data */ ],
  "meta": {
    "pagination": {
      "total": 50,
      "count": 25,
      "per_page": 25,
      "current_page": 1,
      "total_pages": 2,
      "links": {}
    }
  }
}

Rate Limiting

The Application API implements rate limiting to prevent abuse:

• Default Limit: 240 requests per minute per API key
• Burst Limit: Up to 10 requests per second
• Headers: Response includes rate limit headers

X-RateLimit-Limit: 240
X-RateLimit-Remaining: 235
X-RateLimit-Reset: 1642686400

Getting Started

1. Generate an Application API Key

   • Log in as an administrator
   • Go to https://your-panel.com/admin/api
   • Click "Create API Key"
   • Optionally restrict by IP addresses

2. Make Your First Request

   curl "https://your-panel.com/api/application/users" \
     -H "Authorization: Bearer ptla_YOUR_APPLICATION_API_KEY" \
     -H "Accept: Application/vnd.pterodactyl.v1+json"

3. Explore Available Resources

   • Start with user management to test your API key
   • Use server management for automated deployments
   • Configure nodes and locations for infrastructure management

Source Code References

All Application API endpoints are implemented in the Pterodactyl Panel source code:

• Controllers: app/Http/Controllers/Api/Application/
• Routes: routes/api-application.php
• Services: app/Services/
• Models: app/Models/

For detailed source code references, see our Source References Guide.

Security Considerations

• Never expose Application API keys in client-side code
• Use IP restrictions when possible for additional security
• Regularly rotate API keys for production environments
• Monitor API usage through the panel's audit logs
• Implement proper error handling to avoid exposing sensitive information

Next Steps

• Start with User Management for basic administrative operations
• Explore Server Management for automated deployments
• Configure Node Management for infrastructure scaling
• Review Authentication for security best practices