Skip to main content
Version: v1.0+

Database Management

Manage MySQL/MariaDB databases for your servers including creation, password rotation, and deletion.

List Databases

Retrieve all databases associated with a server.

GET /api/client/servers/{server}/databases

Example Request

GET /api/client/servers/{server}/databases
curl "https://your-panel.com/api/client/servers/d3aac109/databases" \
-H "Authorization: Bearer ptlc_YOUR_API_KEY" \
-H "Accept: Application/vnd.pterodactyl.v1+json" \
-H "Content-Type: application/json"

Example Response

{
  "object": "list",
  "data": [
    {
      "object": "server_database",
      "attributes": {
        "id": "s4_1",
        "host": {
          "address": "mysql.example.com",
          "port": 3306
        },
        "name": "s4_gamedata",
        "username": "u4_gKGSzC8x9M",
        "remote": "%",
        "max_connections": 0,
        "relationships": {
          "password": {
            "object": "database_password",
            "attributes": {
              "password": "aP$9gH#x2Kw8"
            }
          }
        }
      }
    },
    {
      "object": "server_database",
      "attributes": {
        "id": "s4_2",
        "host": {
          "address": "mysql.example.com",
          "port": 3306
        },
        "name": "s4_website",
        "username": "u4_hN7jL4mP6Q",
        "remote": "127.0.0.1",
        "max_connections": 10,
        "relationships": {
          "password": {
            "object": "database_password",
            "attributes": {
              "password": "xR$7nM#k9Lp3"
            }
          }
        }
      }
    }
  ]
}

Database Fields

FieldDescription
idUnique database identifier
hostDatabase server connection details
nameDatabase name
usernameDatabase username
remoteAllowed remote connection pattern
max_connectionsMaximum concurrent connections (0 = unlimited)

Create Database

Create a new MySQL/MariaDB database for the server.

POST /api/client/servers/{server}/databases

Request Body

FieldTypeRequiredDescription
databasestringYesDatabase name (without server prefix)
remotestringYesRemote access pattern (% for all, specific IP, etc.)

Example Request

POST /api/client/servers/{server}/databases
curl -X POST "https://your-panel.com/api/client/servers/d3aac109/databases" \
-H "Authorization: Bearer ptlc_YOUR_API_KEY" \
-H "Accept: Application/vnd.pterodactyl.v1+json" \
-H "Content-Type: application/json" \
-d '{
  "database": "playerdata",
  "remote": "%"
}'

Example Response

{
  "object": "server_database",
  "attributes": {
    "id": "s4_3",
    "host": {
      "address": "mysql.example.com",
      "port": 3306
    },
    "name": "s4_playerdata",
    "username": "u4_kL9mN2pQ5R",
    "remote": "%",
    "max_connections": 0,
    "relationships": {
      "password": {
        "object": "database_password",
        "attributes": {
          "password": "yS$8oP#m4Nx7"
        }
      }
    }
  }
}

Remote Access Patterns

PatternDescriptionExample Use Case
%Allow from any IPDevelopment, web applications
127.0.0.1Local connections onlySame-server applications
192.168.1.%Specific subnetPrivate network access
example.comSpecific hostnameExternal web server

Rotate Database Password

Generate a new password for an existing database.

POST /api/client/servers/{server}/databases/{database}/rotate-password

URL Parameters

ParameterTypeDescription
databasestringDatabase identifier

Example Request

POST /api/client/servers/{server}/databases/{database}/rotate-password
curl -X POST "https://your-panel.com/api/client/servers/d3aac109/databases/s4_1/rotate-password" \
-H "Authorization: Bearer ptlc_YOUR_API_KEY" \
-H "Accept: Application/vnd.pterodactyl.v1+json" \
-H "Content-Type: application/json"

Example Response

{
  "object": "server_database",
  "attributes": {
    "id": "s4_1",
    "host": {
      "address": "mysql.example.com",
      "port": 3306
    },
    "name": "s4_gamedata",
    "username": "u4_gKGSzC8x9M",
    "remote": "%",
    "max_connections": 0,
    "relationships": {
      "password": {
        "object": "database_password",
        "attributes": {
          "password": "nR$5tK#w9Mx8"
        }
      }
    }
  }
}
Important

Password rotation immediately invalidates the old password. Update your application configuration before rotating passwords to avoid connection failures.

Delete Database

Permanently delete a database and all its data.

DELETE /api/client/servers/{server}/databases/{database}

URL Parameters

ParameterTypeDescription
databasestringDatabase identifier

Example Request

curl -X DELETE "https://your-panel.com/api/client/servers/d3aac109/databases/s4_1" \
  -H "Authorization: Bearer ptlc_YOUR_API_KEY" \
  -H "Accept: Application/vnd.pterodactyl.v1+json" \
  -H "Content-Type: application/json"

Success Response (204)

Returns empty response body with status code 204.

Permanent Deletion

Database deletion is irreversible and will permanently destroy all data. Always create backups before deleting databases.

Database Connection Examples

PHP (PDO)

PHP
<?php
try {
  $host = 'mysql.example.com';
  $port = 3306;
  $dbname = 's4_gamedata';
  $username = 'u4_gKGSzC8x9M';
  $password = 'aP$9gH#x2Kw8';
  
  $dsn = "mysql:host={$host};port={$port};dbname={$dbname};charset=utf8mb4";
  $pdo = new PDO($dsn, $username, $password, [
      PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
      PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
      PDO::ATTR_EMULATE_PREPARES => false,
  ]);
  
  echo "Connected successfully!\n";
  
  // Example query
  $stmt = $pdo->prepare("SELECT COUNT(*) as count FROM players");
  $stmt->execute();
  $result = $stmt->fetch();
  echo "Player count: " . $result['count'] . "\n";
  
} catch(PDOException $e) {
  echo "Connection failed: " . $e->getMessage() . "\n";
}
?>

MySQL CLI

mysql -h mysql.example.com -P 3306 -u u4_gKGSzC8x9M -p s4_gamedata
# Enter password when prompted: aP$9gH#x2Kw8

Database Limits

LimitDefaultDescription
Maximum databases per server5Configurable by admin
Database name length48 charactersIncluding server prefix
Username length16 charactersIncluding server prefix
Password length32 charactersAuto-generated

Best Practices

Security

  1. Use Specific Remote Patterns: Avoid % in production if possible
  2. Regular Password Rotation: Rotate passwords periodically
  3. Principle of Least Privilege: Create application-specific databases
  4. SSL Connections: Enable SSL/TLS when available

Performance

  1. Connection Pooling: Use connection pools in applications
  2. Proper Indexing: Create indexes for frequently queried columns
  3. Query Optimization: Use prepared statements and efficient queries
  4. Connection Limits: Monitor and optimize max_connections

Backup Strategy

// Example backup script
const mysqldump = require('mysqldump');

async function backupDatabase() {
  try {
    await mysqldump({
      connection: {
        host: 'mysql.example.com',
        user: 'u4_gKGSzC8x9M',
        password: 'aP$9gH#x2Kw8',
        database: 's4_gamedata',
      },
      dumpToFile: `./backup-${Date.now()}.sql`,
    });
    console.log('Backup completed successfully');
  } catch (error) {
    console.error('Backup failed:', error);
  }
}

Troubleshooting

Connection Issues

"Access denied" errors

  • Verify username and password
  • Check remote access pattern
  • Ensure database exists

"Can't connect to MySQL server"

  • Verify host and port
  • Check firewall settings
  • Ensure database server is running

"Too many connections"

  • Check max_connections limit
  • Implement connection pooling
  • Close unused connections

Database Limits Reached

# Check current database count
curl "https://your-panel.com/api/client/servers/d3aac109/databases" \
  -H "Authorization: Bearer ptlc_YOUR_API_KEY" | \
  jq '.data | length'

Required Permissions

PermissionDescription
database.readView existing databases
database.createCreate new databases
database.updateRotate database passwords
database.deleteDelete databases

Source References

Controller: DatabaseController
Password Controller: DatabasePasswordController
Routes: api-client.php - Database endpoints
Database Model: Database.php
Database Service: DatabaseManagementService

Next Steps