Contact Support

Authentication

All API requests must be signed with the API token and secret. Below is an example wrapper function to sign API requests. The API token and secret can be found in the Settings dialog.
Header Parameters
Auth-Token API token
Auth-Timestamp Epoch timestamp must be accurate to +/-5 minutes of server time
Auth-Nonce Random alphanumeric string of 32 characters must be unique for each request
Auth-Signature Base64 digest of hash signing algorithm
Python Example
import requests, time, uuid, hmac, hashlib, base64 BASE_URL = 'https://localhost:9700' API_TOKEN = 'p7g444S3IZ5wmFvmzWmx14qACXdzQ25b' API_SECRET = 'OpS9fjxkPI3DclkdKDDr6mqYVd0DJh4i' def auth_request(method, path, headers=None, data=None): auth_timestamp = str(int(time.time())) auth_nonce = uuid.uuid4().hex auth_string = '&'.join([API_TOKEN, auth_timestamp, auth_nonce, method.upper(), path] + ([data] if data else [])) auth_signature = base64.b64encode(hmac.new( API_SECRET, auth_string, hashlib.sha256).digest()) auth_headers = { 'Auth-Token': API_TOKEN, 'Auth-Timestamp': auth_timestamp, 'Auth-Nonce': auth_nonce, 'Auth-Signature': auth_signature, } if headers: auth_headers.update(headers) return getattr(requests, method.lower())( BASE_URL + path, verify=False, headers=auth_headers, data=data, )

GET /event/:cursor

Long polling request that returns a list of events that have occurred sorted by creation. Events will only be sent once. Request will poll for up to 30 seconds. A list of events can be found in
constants.py
.
URL Parameters
cursor Optional id of last event. If left out only events that occurred after request is sent will be returned
Response
id Event ID
type Event type
timestamp Event epoch time
resource_id Event resource ID
Python Example
response = auth_request('GET', '/event', ) assert(response.status_code == 200) print response.json() [ { 'id': '55e9f1f1b0e730245677dc31', 'type': 'users_updated', 'timestamp': 1388495793, 'resource_id': None, }, { 'id': '55e9f1f2b0e730245677dc32', 'type': 'server_organizations_updated', 'timestamp': 1388495805, 'resource_id': '55e9f1f8b0e730245677dc33', }, ]

GET /status

Returns general information about the pritunl server.
Response
org_count Number of organizations
users_online Number of users online
user_count Number of users
servers_online Number of servers online
server_count Number of servers
hosts_online Number of hosts online
host_count Number of hosts
server_version Pritunl version running on server
current_host Id of the host returning response
public_ip Public IP address of current host
local_networks List of local networks on current host
notification Notification for pritunl updates
Python Example
response = auth_request('GET', '/status', ) assert(response.status_code == 200) print response.json() { 'org_count': 2, 'users_online': 2, 'user_count': 8, 'servers_online': 2, 'server_count': 2, 'hosts_online': 4, 'host_count': 4, 'server_version': '1.4.722.21', 'current_host': '55e9f1ecb0e730245677dc30', 'public_ip': '8.8.8.8', 'local_networks': [ '10.0.0.0/24', '10.5.0.0/24', '192.168.0.0/24', ], 'notification': '', }

GET /ping

Server healthcheck.
Python Example
response = auth_request('GET', '/ping', ) assert(response.status_code == 200)

GET /log

Returns a list of server log entries sorted by time.
Response
id Log entry ID
timestamp Log entry epoch time
message Log message
Python Example
response = auth_request('GET', '/log', ) assert(response.status_code == 200) print response.json() [ { 'id': '55e9f1e4b0e730245677dc2e', 'timestamp': 1388389241, 'message': 'Web server started.', }, { 'id': '55e9f1e5b0e730245677dc2f', 'timestamp': 1388389217, 'message': 'Web server stopped.', }, ]

GET /settings

Get system settings.
Response
username Admin account username
theme Current theme
light
or
dark
public_address Public address or hostname of server. Not used on Enterprise clusters
token API token
secret API secret
email_server SMTP server
email_from SMTP from address
email_username SMTP username
email_password SMTP password
sso True if single sign-on is enabled false otherwise
sso_match List of domains to match for single sign-on
sso_org Organization ID to add single sign-on users to
server_cert Custom web console SSL certificate
server_key Custom web console SSL key
Python Example
response = auth_request('GET', '/auth', ) assert(response.status_code == 200) print response.json() { 'username': 'pritunl', 'theme': 'dark', 'public_address': '8.8.8.8', 'token': 'p7g444S3IZ5wmFvmzWmx14qACXdzQ25b', 'secret': 'OpS9fjxkPI3DclkdKDDr6mqYVd0DJh4i', 'email_server': 'email-smtp.us-east-1.amazonaws.com', 'email_from': 'contact@pritunl.com', 'email_username': 'AIWXUZFERGAHKIJ3MBGA', 'email_password': 'AioRatBJkMKpmYg0xpimGMZPjVzbU', 'sso': True, 'sso_match': ['pritunl.com'], 'sso_org': '55e99499b0e7300fef77e2b1', 'server_cert': None, 'server_key': None, }

PUT /settings

Change the system settings.
Parameters
username Admin username
password Admin password
theme Web console theme can be
light
or
dark
public_address Public address or hostname of server. Not used on Enterprise clusters
token Set to true to generate a new token
secret Set to true to generate a new secret
email_server SMTP server
email_from SMTP from address
email_username SMTP username
email_password SMTP password
server_cert Custom web console SSL certificate
server_key Custom web console SSL key
Response
username Admin account username
theme Current theme
light
or
dark
public_address Public address or hostname of server. Not used on Enterprise clusters
token API token
secret API secret
email_server SMTP server
email_from SMTP from address
email_username SMTP username
email_password SMTP password
sso True to enabled single sign-on false to disable
sso_match List of domains to match for single sign-on
sso_org Organization ID to add single sign-on users to
server_cert Custom web console SSL certificate
server_key Custom web console SSL key
Python Example
response = auth_request('PUT', '/auth', headers={ 'Content-Type': 'application/json', }, data=json.dumps({ 'username': 'pritunl', 'password': 'new_password', 'theme': 'dark', 'public_address': '8.8.8.8', 'token': True, 'secret': True, 'email_server': 'email-smtp.us-east-1.amazonaws.com', 'email_from': 'contact@pritunl.com', 'email_username': 'AIWXUZFERGAHKIJ3MBGA', 'email_password': 'AioRatBJkMKpmYg0xpimGMZPjVzbU', 'sso': True, 'sso_match': ['pritunl.com'], 'sso_org': '55e99499b0e7300fef77e2b1', 'server_cert': None, 'server_key': None, }), ) assert(response.status_code == 200) print response.json() { 'username': 'pritunl', 'theme': 'dark', 'public_address': '8.8.8.8', 'token': 'p7g444S3IZ5wmFvmzWmx14qACXdzQ25b', 'secret': 'OpS9fjxkPI3DclkdKDDr6mqYVd0DJh4i', 'email_server': 'email-smtp.us-east-1.amazonaws.com', 'email_from': 'contact@pritunl.com', 'email_username': 'AIWXUZFERGAHKIJ3MBGA', 'email_password': 'AioRatBJkMKpmYg0xpimGMZPjVzbU', 'sso': True, 'sso_match': ['pritunl.com'], 'sso_org': '55e99499b0e7300fef77e2b1', 'server_cert': None, 'server_key': None, }

GET /organization

Returns a list of organizations on the server sorted by name.
Response
id Organization ID
name Organization name
user_count Number of users in organization
Python Example
response = auth_request('GET', '/organization', ) assert(response.status_code == 200) print response.json() [ { 'id': '55e99499b0e7300fef77e2b1', 'name': 'org1', 'user_count': 512, }, { 'id': '55e9f1d4b0e730245677dc2d', 'name': 'org2', 'user_count': 1024, }, ]

GET /organization/:organization_id

Returns an organization.
URL Parameters
organization_id Organization ID
Response
id Organization ID
name Organization name
user_count Number of users in organization
Python Example
response = auth_request('GET', '/organization/55e99499b0e7300fef77e2b1', ) assert(response.status_code == 200) print response.json() { 'id': '55e99499b0e7300fef77e2b1', 'name': 'org1', 'user_count': 512, }

POST /organization

Create a new organization.
Parameters
name Name of organization
Response
id Organization ID
name Organization name
user_count Number of users in organization
Python Example
response = auth_request('POST', '/organization', headers={ 'Content-Type': 'application/json', }, data=json.dumps({ 'name': 'new_org', }), ) assert(response.status_code == 200) print response.json() { 'id': '55e9f24bb0e730245677dc34', 'name': 'new_org', 'user_count': 0, }

PUT /organization/:organization_id

Rename an existing organization.
URL Parameters
organization_id Organization ID
Parameters
name New name of organization
Response
id Organization ID
name Organization name
user_count Number of users in organization
Python Example
response = auth_request('PUT', '/organization/fb48734e859242e2800f077216401736', headers={ 'Content-Type': 'application/json', }, data=json.dumps({ 'name': 'new_name', }), ) assert(response.status_code == 200) print response.json() { 'id': '55e9f26eb0e730245677dc35', 'name': 'new_name', 'user_count': 512, }

DELETE /organization/:organization_id

Delete an existing organization.
URL Parameters
organization_id Organization ID
Python Example
response = auth_request('DELETE', '/organization/55e9f27bb0e730245677dc36', ) assert(response.status_code == 200)

GET /user/:organization_id

Returns a list of users in an organization sorted by name.
URL Parameters
organization_id Organization ID
Response
id User ID
name User name
email Optional user email address
organization Organization ID
organization_name Organization name
otp_auth True if user uses two-step authentication
otp_secret Secret key for two-step authentication
disabled True if user is disabled otherwise false
type User type can be
client
,
server
,
client_pool
,
server_pool
. Server users are used for server certificates and pooled users are pre-created users to reduce user creation time
status True if user is online otherwise false
servers List of client information for each server
Client Parameters
id Client ID or server ID when client is not connected
name Server name
status True if connected false otherwise
server_id Server ID for client
device_name Device name set in client vpn conf file, default is random
platform Client platform can be
linux
,
mac
,
win
or
chrome
real_address Real OpenVPN IP address if connected
virt_address Virtual OpenVPN IP address if connected
connected_since Epoch time in seconds of connection start
Python Example
response = auth_request('GET', '/user/55e9f7c7b0e73033d45b44d4', ) assert(response.status_code == 200) print response.json() [ { 'id': '55e9f98cb0e73033d45b44d7', 'name': 'user0', 'email': 'user0@pritunl.com', 'organization': '55e9f7c7b0e73033d45b44d4', 'organization_name': 'org1', 'otp_auth': True, 'otp_secret': 'OPT4HTURJTW6JLQN', 'disabled': False, 'type': 'client', 'status': True, 'servers': [ { 'id': '55e9f995b0e73033d45b44da', 'name': 'server1', 'local_address': '10.139.82.6', 'remote_address': '10.139.82.7', 'virt_address': '10.139.82.6', 'real_address': '8.8.8.8:41536', 'connected_since': 1388498640, }, ], }, ]

GET /user/:organization_id/:user_id

Returns a user from an organization.
URL Parameters
organization_id Organization ID
user_id User ID
Response
id User ID
name User name
email Optional user email address
organization Organization ID
organization_name Organization name
otp_auth True if user uses two-step authentication
otp_secret Secret key for two-step authentication
disabled True if user is disabled otherwise false
type User type can be
client
,
server
,
client_pool
,
server_pool
. Server users are used for server certificates and pooled users are pre-created users to reduce user creation time
status True if user is online otherwise false
servers List of client information for each server
Client Parameters
id Client ID or server ID when client is not connected
name Server name
status True if connected false otherwise
server_id Server ID for client
device_name Device name set in client vpn conf file, default is random
platform Client platform can be
linux
,
mac
,
win
or
chrome
real_address Real OpenVPN IP address if connected
virt_address Virtual OpenVPN IP address if connected
connected_since Epoch time in seconds of connection start
Python Example
response = auth_request('GET', '/user/55e9f7c7b0e73033d45b44d4/55e9f98cb0e73033d45b44d7', ) assert(response.status_code == 200) print response.json() { 'id': '55e9f98cb0e73033d45b44d7', 'name': 'user0', 'email': 'user0@pritunl.com', 'organization': '55e9f7c7b0e73033d45b44d4', 'organization_name': 'org1', 'otp_auth': True, 'otp_secret': 'OPT4HTURJTW6JLQN', 'disabled': False, 'type': 'client', 'status': True, 'servers': [ { 'id': '55e9f995b0e73033d45b44da', 'name': 'server1', 'local_address': '10.139.82.6', 'remote_address': '10.139.82.7', 'virt_address': '10.139.82.6', 'real_address': '8.8.8.8:41536', 'connected_since': 1388498640, }, ], }

POST /user/:organization_id

Create a new user in an organization. An array of users can be sent for bulk adding users.
URL Parameters
organization_id Organization ID
Response
id User ID
name User name
email Optional user email address
organization Organization ID
organization_name Organization name
otp_auth True if user uses two-step authentication
otp_secret Secret key for two-step authentication
disabled True if user is disabled otherwise false
type User type can be
client
,
server
,
client_pool
,
server_pool
. Server users are used for server certificates and pooled users are pre-created users to reduce user creation time
status True if user is online otherwise false
servers List of client information for each server
Client Parameters
id Client ID or server ID when client is not connected
name Server name
status True if connected false otherwise
server_id Server ID for client
device_name Device name set in client vpn conf file, default is random
platform Client platform can be
linux
,
mac
,
win
or
chrome
real_address Real OpenVPN IP address if connected
virt_address Virtual OpenVPN IP address if connected
connected_since Epoch time in seconds of connection start
Python Example
response = auth_request('POST', '/user/55e9f7c7b0e73033d45b44d4', headers={ 'Content-Type': 'application/json', }, data=json.dumps({ 'name': 'new_user', 'email': 'new_user@pritunl.com', 'disabled': True, }), ) assert(response.status_code == 200) print response.json() { 'id': '55e9f98cb0e73033d45b44d7', 'name': 'new_user', 'email': 'new_user@pritunl.com', 'organization': '55e9f7c7b0e73033d45b44d4', 'organization_name': 'org1', 'otp_auth': True, 'otp_secret': 'OPT4HTURJTW6JLQN', 'disabled': True, 'type': 'client', 'status': False, 'servers': [], }

PUT /user/:organization_id/:user_id

Rename or disabled an existing user in an organization. Disabling will also disconnect the user.
URL Parameters
organization_id Organization ID
user_id User ID
Response
id User ID
name User name
email Optional user email address
organization Organization ID
organization_name Organization name
otp_auth True if user uses two-step authentication
otp_secret Secret key for two-step authentication
disabled True if user is disabled otherwise false
type User type can be
client
,
server
,
client_pool
,
server_pool
. Server users are used for server certificates and pooled users are pre-created users to reduce user creation time
status True if user is online otherwise false
servers List of client information for each server
Client Parameters
id Client ID or server ID when client is not connected
name Server name
status True if connected false otherwise
server_id Server ID for client
device_name Device name set in client vpn conf file, default is random
platform Client platform can be
linux
,
mac
,
win
or
chrome
real_address Real OpenVPN IP address if connected
virt_address Virtual OpenVPN IP address if connected
connected_since Epoch time in seconds of connection start
Python Example
response = auth_request('PUT', '/user/55e9fbb0b0e73033d45b44db/55e9fbb9b0e73033d45b44dc', headers={ 'Content-Type': 'application/json', }, data=json.dumps({ 'name': 'new_name', 'email': 'new_email@pritunl.com', 'disabled': False, }), ) assert(response.status_code == 200) print response.json() { 'id': '55e9fbb9b0e73033d45b44dc', 'name': 'new_name', 'email': 'new_email@pritunl.com', 'organization': '55e9fbb0b0e73033d45b44db', 'organization_name': 'org1', 'otp_auth': True, 'otp_secret': 'OPT4HTURJTW6JLQN', 'disabled': False, 'type': 'client', 'status': False, 'servers': [], }

DELETE /user/:organization_id/:user_id

Delete an existing user in an organization, this will disconnect the user.
URL Parameters
organization_id Organization ID
user_id User ID
Python Example
response = auth_request('DELETE', '/user/55e9fd5eb0e73033d45b44dd/55e9fd62b0e73033d45b44de', ) assert(response.status_code == 200)

PUT /user/:organization_id/:user_id/otp_secret

Generate a new two-step authentication secret for an existing user.
Response
id User ID
name User name
email Optional user email address
organization Organization ID
organization_name Organization name
otp_auth True if user uses two-step authentication
otp_secret Secret key for two-step authentication
disabled True if user is disabled otherwise false
type User type can be
client
,
server
,
client_pool
,
server_pool
. Server users are used for server certificates and pooled users are pre-created users to reduce user creation time
status True if user is online otherwise false
servers List of client information for each server
Client Parameters
id Client ID or server ID when client is not connected
name Server name
status True if connected false otherwise
server_id Server ID for client
device_name Device name set in client vpn conf file, default is random
platform Client platform can be
linux
,
mac
,
win
or
chrome
real_address Real OpenVPN IP address if connected
virt_address Virtual OpenVPN IP address if connected
connected_since Epoch time in seconds of connection start
Python Example
response = auth_request('PUT', '/user/55e9f7c7b0e73033d45b44d4/55e9f98cb0e73033d45b44d7/otp_secret', ) assert(response.status_code == 200) print response.json() { 'id': '55e9f98cb0e73033d45b44d7', 'name': 'new_user', 'email': 'new_user@pritunl.com', 'organization': '55e9f7c7b0e73033d45b44d4', 'organization_name': 'org1', 'otp_auth': True, 'otp_secret': 'OPT4HTURJTW6JLQN', 'disabled': True, 'type': 'client', 'status': False, 'servers': [], }

GET /key/:organization_id/:user_id.tar

Download a users key tar archive.
URL Parameters
organization_id Organization ID
user_id User ID
Python Example
response = auth_request('GET', '/key/55e9feb0b0e73033d45b44e0/55e9feb3b0e73033d45b44e1.tar', ) assert(response.status_code == 200)

GET /key_onc/:organization_id/:user_id.zip

Download a users onc key zip archive.
URL Parameters
organization_id Organization ID
user_id User ID
Python Example
response = auth_request('GET', '/key_onc/55e9feb0b0e73033d45b44e0/55e9feb3b0e73033d45b44e1.zip', ) assert(response.status_code == 200)

GET /key/:organization_id/:user_id

Generate a temporary url to download a users key archive and view the two-step authentication key. Urls can be viewed without authenticating and will expire after 24 hours. The key link can also be deleted by clicking the delete link button on the page.
URL Parameters
organization_id Organization ID
user_id User ID
Response
id Key link ID
key_url Temporary url to download user key tar archive
key_onc_url Temporary url to download user onc key zip archive
view_url Temporary url to view the two-step authentication key, download key archive and download mobile key configurations
uri_url Temporary uri for Pritunl clients to import keys
Python Example
response = auth_request('GET', '/key/060e54e627904abf9402bf3f2e0e16a2/de554a9993cb4250a995cbcca7a6af5a', ) assert(response.status_code == 200) print response.json() { 'id': '55e9ff91b0e73033d45b44e2', 'key_url': '/key/4f5bd04d85414e20b0a451d642dab06d.tar', 'key_onc_url': '/key/4f5bd04d85414e20b0a451d642dab06d.zip', 'view_url': '/k/y3aNc', 'uri_url': '/ku/y3aNc', }

GET /server

Returns a list of servers sorted by name.
Response
id Server ID
name Server name
status Server status can be pending, offline or online. Server will be pending when generating DH params
uptime Server uptime in seconds
users_online Number of users online
user_count Number of users attached to the server
devices_online Number of devices online
network Servers VPN network address
bind_address Server bind address
port Server port
protocol Server protocol
dh_param_bits Size of dh parameters can be 1024, 1536 2048, 3072 or 4096
mode Server mode can be all_traffic, local_traffic or vpn_traffic
network_mode Server network mode can be tunnel or bridge
network_start Server vpn network start address for clients if using bridged mode
network_end Server vpn network end address for clients if using bridged mode
multi_device True is users can connect on multiple devices false otherwise
local_networks List of local networks server is routing traffic to otherwise empty list if all traffic is routed. Mode must be set to local_traffic when set
dns_servers List of dns servers for ovpn clients
search_domain DNS search domain
otp_auth True if the server is using two-step authentication otherwise false
cipher Server vpn cipher can be none, bf128, bf256, aes128, aes192 or aes256
jumbo_frames True if jumbo frames are enabled false otherwise
lzo_compression True if lzo compression is enabled otherwise false. May also be adaptive for backwards compatibility with 0.10.x servers
inter_client True to enable inter-client communication
ping_interval Interval in seconds to send ping to vpn clients
ping_timeout Ping timeout in seconds before considering a vpn client disconnected
max_clients Maximum vpn clients per host
replica_count Replica count for multiple hosts
debug True if server debug output is enabled otherwise false
Python Example
response = auth_request('GET', '/server', ) assert(response.status_code == 200) print response.json() [ { 'id': '55ea0588b0e73033d45b44e3', 'name': 'server1', 'status': 'online', 'uptime': 463, 'users_online': 1, 'devices_online': 1, 'user_count': 6, 'network': '10.139.82.0/24', 'bind_address': None, 'port': 12524, 'protocol': 'udp', 'dh_param_bits': 2048, 'mode': 'all_traffic', 'network_mode': 'tunnel', 'network_start': None, 'network_end': None, 'multi_device': False, 'local_networks': [], 'dns_servers': ['8.8.4.4'], 'search_domain': 'pritunl.com', 'otp_auth': True, 'cipher': 'aes256', 'jumbo_frames': False, 'lzo_compression': False, 'inter_client': True, 'ping_interval': 10, 'ping_timeout': 60, 'max_clients': 2048, 'replica_count': 1, 'debug': True, }, ]

GET /server/:server_id

Returns a server.
Response
id Server ID
name Server name
status Server status can be pending, offline or online. Server will be pending when generating DH params
uptime Server uptime in seconds
users_online Number of users online
user_count Number of users attached to the server
devices_online Number of devices online
network Servers VPN network address
bind_address Server bind address
port Server port
protocol Server protocol
dh_param_bits Size of dh parameters can be 1024, 1536 2048, 3072 or 4096
mode Server mode can be all_traffic, local_traffic or vpn_traffic
network_mode Server network mode can be tunnel or bridge
network_start Server vpn network start address for clients if using bridged mode
network_end Server vpn network end address for clients if using bridged mode
multi_device True is users can connect on multiple devices false otherwise
local_networks List of local networks server is routing traffic to otherwise empty list if all traffic is routed. Mode must be set to local_traffic when set
dns_servers List of dns servers for ovpn clients
search_domain DNS search domain
otp_auth True if the server is using two-step authentication otherwise false
cipher Server vpn cipher can be none, bf128, bf256, aes128, aes192 or aes256
jumbo_frames True if jumbo frames are enabled false otherwise
lzo_compression True if lzo compression is enabled otherwise false. May also be adaptive for backwards compatibility with 0.10.x servers
inter_client True to enable inter-client communication
ping_interval Interval in seconds to send ping to vpn clients
ping_timeout Ping timeout in seconds before considering a vpn client disconnected
max_clients Maximum vpn clients per host
replica_count Replica count for multiple hosts
debug True if server debug output is enabled otherwise false
Python Example
response = auth_request('GET', '/server/55ea0588b0e73033d45b44e3', ) assert(response.status_code == 200) print response.json() { 'id': '55ea0588b0e73033d45b44e3', 'name': 'server1', 'status': 'online', 'uptime': 463, 'users_online': 1, 'devices_online': 1, 'user_count': 6, 'network': '10.139.82.0/24', 'bind_address': None, 'port': 12524, 'protocol': 'udp', 'dh_param_bits': 2048, 'mode': 'all_traffic', 'network_mode': 'tunnel', 'network_start': None, 'network_end': None, 'multi_device': False, 'local_networks': [], 'dns_servers': ['8.8.4.4'], 'search_domain': 'pritunl.com', 'otp_auth': True, 'cipher': 'aes256', 'jumbo_frames': False, 'lzo_compression': False, 'inter_client': True, 'ping_interval': 10, 'ping_timeout': 60, 'max_clients': 2048, 'replica_count': 1, 'debug': True, }

POST /server

Create a new server.
Parameters
name Server name
network Servers VPN network address
bind_address Server bind address
port Server port
protocol Server protocol
dh_param_bits Size of dh parameters can be 1024, 1536 2048, 3072 or 4096
mode Server mode can be all_traffic, local_traffic or vpn_traffic
network_mode Server network mode can be tunnel or bridge
network_start Server vpn network start address for clients if using bridged mode
network_end Server vpn network end address for clients if using bridged mode
multi_device True is users can connect on multiple devices false otherwise
local_networks List of local networks server is routing traffic to otherwise empty list if all traffic is routed. Mode must be set to local_traffic when set
dns_servers List of dns servers for ovpn clients
search_domain DNS search domain
otp_auth True if the server is using two-step authentication otherwise false
cipher Server vpn cipher can be none, bf128, bf256, aes128, aes192 or aes256
jumbo_frames True if jumbo frames are enabled false otherwise
lzo_compression True if lzo compression is enabled otherwise false. May also be adaptive for backwards compatibility with 0.10.x servers
inter_client True to enable inter-client communication
ping_interval Interval in seconds to send ping to vpn clients
ping_timeout Ping timeout in seconds before considering a vpn client disconnected
max_clients Maximum vpn clients per host
replica_count Replica count for multiple hosts
debug True if server debug output is enabled otherwise false
Response
id Server ID
name Server name
status Server status can be pending, offline or online. Server will be pending when generating DH params
uptime Server uptime in seconds
users_online Number of users online
user_count Number of users attached to the server
devices_online Number of devices online
network Servers VPN network address
bind_address Server bind address
port Server port
protocol Server protocol
dh_param_bits Size of dh parameters can be 1024, 1536 2048, 3072 or 4096
mode Server mode can be all_traffic, local_traffic or vpn_traffic
network_mode Server network mode can be tunnel or bridge
network_start Server vpn network start address for clients if using bridged mode
network_end Server vpn network end address for clients if using bridged mode
multi_device True is users can connect on multiple devices false otherwise
local_networks List of local networks server is routing traffic to otherwise empty list if all traffic is routed. Mode must be set to local_traffic when set
dns_servers List of dns servers for ovpn clients
search_domain DNS search domain
otp_auth True if the server is using two-step authentication otherwise false
cipher Server vpn cipher can be none, bf128, bf256, aes128, aes192 or aes256
jumbo_frames True if jumbo frames are enabled false otherwise
lzo_compression True if lzo compression is enabled otherwise false. May also be adaptive for backwards compatibility with 0.10.x servers
inter_client True to enable inter-client communication
ping_interval Interval in seconds to send ping to vpn clients
ping_timeout Ping timeout in seconds before considering a vpn client disconnected
max_clients Maximum vpn clients per host
replica_count Replica count for multiple hosts
debug True if server debug output is enabled otherwise false
Python Example
response = auth_request('POST', '/server', headers={ 'Content-Type': 'application/json', }, data=json.dumps({ 'name': 'server1', 'network': '10.139.82.0/24', 'bind_address': None, 'port': 12524, 'protocol': 'udp', 'dh_param_bits': 2048, 'mode': 'all_traffic', 'network_mode': 'tunnel', 'network_start': None, 'network_end': None, 'multi_device': False, 'local_networks': [], 'dns_servers': ['8.8.4.4'], 'search_domain': 'pritunl.com', 'otp_auth': True, 'cipher': 'aes256', 'jumbo_frames': False, 'lzo_compression': False, 'inter_client': True, 'ping_interval': 10, 'ping_timeout': 60, 'max_clients': 2048, 'replica_count': 1, 'debug': True, }), ) assert(response.status_code == 200) print response.json() { 'id': '55ea0588b0e73033d45b44e3', 'name': 'server1', 'status': 'online', 'uptime': 463, 'users_online': 1, 'devices_online': 1, 'user_count': 6, 'network': '10.139.82.0/24', 'bind_address': None, 'port': 12524, 'protocol': 'udp', 'dh_param_bits': 2048, 'mode': 'all_traffic', 'network_mode': 'tunnel', 'network_start': None, 'network_end': None, 'multi_device': False, 'local_networks': [], 'dns_servers': ['8.8.4.4'], 'search_domain': 'pritunl.com', 'otp_auth': True, 'cipher': 'aes256', 'jumbo_frames': False, 'lzo_compression': False, 'inter_client': True, 'ping_interval': 10, 'ping_timeout': 60, 'max_clients': 2048, 'replica_count': 1, 'debug': True, }

PUT /server/:server_id

Update an existing server.
URL Parameters
server_id Server ID
Parameters
name Server name
network Servers VPN network address
bind_address Server bind address
port Server port
protocol Server protocol
dh_param_bits Size of dh parameters can be 1024, 1536 2048, 3072 or 4096
mode Server mode can be all_traffic, local_traffic or vpn_traffic
network_mode Server network mode can be tunnel or bridge
network_start Server vpn network start address for clients if using bridged mode
network_end Server vpn network end address for clients if using bridged mode
multi_device True is users can connect on multiple devices false otherwise
local_networks List of local networks server is routing traffic to otherwise empty list if all traffic is routed. Mode must be set to local_traffic when set
dns_servers List of dns servers for ovpn clients
search_domain DNS search domain
otp_auth True if the server is using two-step authentication otherwise false
cipher Server vpn cipher can be none, bf128, bf256, aes128, aes192 or aes256
jumbo_frames True if jumbo frames are enabled false otherwise
lzo_compression True if lzo compression is enabled otherwise false. May also be adaptive for backwards compatibility with 0.10.x servers
inter_client True to enable inter-client communication
ping_interval Interval in seconds to send ping to vpn clients
ping_timeout Ping timeout in seconds before considering a vpn client disconnected
max_clients Maximum vpn clients per host
replica_count Replica count for multiple hosts
debug True if server debug output is enabled otherwise false
Response
id Server ID
name Server name
status Server status can be pending, offline or online. Server will be pending when generating DH params
uptime Server uptime in seconds
users_online Number of users online
user_count Number of users attached to the server
devices_online Number of devices online
network Servers VPN network address
bind_address Server bind address
port Server port
protocol Server protocol
dh_param_bits Size of dh parameters can be 1024, 1536 2048, 3072 or 4096
mode Server mode can be all_traffic, local_traffic or vpn_traffic
network_mode Server network mode can be tunnel or bridge
network_start Server vpn network start address for clients if using bridged mode
network_end Server vpn network end address for clients if using bridged mode
multi_device True is users can connect on multiple devices false otherwise
local_networks List of local networks server is routing traffic to otherwise empty list if all traffic is routed. Mode must be set to local_traffic when set
dns_servers List of dns servers for ovpn clients
search_domain DNS search domain
otp_auth True if the server is using two-step authentication otherwise false
cipher Server vpn cipher can be none, bf128, bf256, aes128, aes192 or aes256
jumbo_frames True if jumbo frames are enabled false otherwise
lzo_compression True if lzo compression is enabled otherwise false. May also be adaptive for backwards compatibility with 0.10.x servers
inter_client True to enable inter-client communication
ping_interval Interval in seconds to send ping to vpn clients
ping_timeout Ping timeout in seconds before considering a vpn client disconnected
max_clients Maximum vpn clients per host
replica_count Replica count for multiple hosts
debug True if server debug output is enabled otherwise false
Python Example
response = auth_request('PUT', '/server/55ea0588b0e73033d45b44e3', headers={ 'Content-Type': 'application/json', }, data=json.dumps({ 'name': 'new_name', }), ) assert(response.status_code == 200) print response.json() { 'id': '55ea0588b0e73033d45b44e3', 'name': 'new_name', 'status': 'online', 'uptime': 463, 'users_online': 1, 'devices_online': 1, 'user_count': 6, 'network': '10.139.82.0/24', 'bind_address': None, 'port': 12524, 'protocol': 'udp', 'dh_param_bits': 2048, 'mode': 'all_traffic', 'network_mode': 'tunnel', 'network_start': None, 'network_end': None, 'multi_device': False, 'local_networks': [], 'dns_servers': ['8.8.4.4'], 'search_domain': 'pritunl.com', 'otp_auth': True, 'cipher': 'aes256', 'jumbo_frames': False, 'lzo_compression': False, 'inter_client': True, 'ping_interval': 10, 'ping_timeout': 60, 'max_clients': 2048, 'replica_count': 1, 'debug': True, }

DELETE /server/:server_id

Delete an existing server.
URL Parameters
server_id Server ID
Python Example
response = auth_request('DELETE', '/server/55ea0588b0e73033d45b44e3', ) assert(response.status_code == 200)

PUT /server/:server_id/:operation

Start, stop or restart an existing server.
URL Parameters
server_id Server ID
operation Server operation
Response
id Server ID
name Server name
status Server status can be pending, offline or online. Server will be pending when generating DH params
uptime Server uptime in seconds
users_online Number of users online
user_count Number of users attached to the server
devices_online Number of devices online
network Servers VPN network address
bind_address Server bind address
port Server port
protocol Server protocol
dh_param_bits Size of dh parameters can be 1024, 1536 2048, 3072 or 4096
mode Server mode can be all_traffic, local_traffic or vpn_traffic
network_mode Server network mode can be tunnel or bridge
network_start Server vpn network start address for clients if using bridged mode
network_end Server vpn network end address for clients if using bridged mode
multi_device True is users can connect on multiple devices false otherwise
local_networks List of local networks server is routing traffic to otherwise empty list if all traffic is routed. Mode must be set to local_traffic when set
dns_servers List of dns servers for ovpn clients
search_domain DNS search domain
otp_auth True if the server is using two-step authentication otherwise false
cipher Server vpn cipher can be none, bf128, bf256, aes128, aes192 or aes256
jumbo_frames True if jumbo frames are enabled false otherwise
lzo_compression True if lzo compression is enabled otherwise false. May also be adaptive for backwards compatibility with 0.10.x servers
inter_client True to enable inter-client communication
ping_interval Interval in seconds to send ping to vpn clients
ping_timeout Ping timeout in seconds before considering a vpn client disconnected
max_clients Maximum vpn clients per host
replica_count Replica count for multiple hosts
debug True if server debug output is enabled otherwise false
Python Example
response = auth_request('PUT', '/server/55ea0588b0e73033d45b44e3/start', ) assert(response.status_code == 200) print response.json() { 'id': '55ea0588b0e73033d45b44e3', 'name': 'server1', 'status': 'online', 'uptime': 463, 'users_online': 1, 'devices_online': 1, 'user_count': 6, 'network': '10.139.82.0/24', 'bind_address': None, 'port': 12524, 'protocol': 'udp', 'dh_param_bits': 2048, 'mode': 'all_traffic', 'network_mode': 'tunnel', 'network_start': None, 'network_end': None, 'multi_device': False, 'local_networks': [], 'dns_servers': ['8.8.4.4'], 'search_domain': 'pritunl.com', 'otp_auth': True, 'cipher': 'aes256', 'jumbo_frames': False, 'lzo_compression': False, 'inter_client': True, 'ping_interval': 10, 'ping_timeout': 60, 'max_clients': 2048, 'replica_count': 1, 'debug': True, }

GET /server/:server_id/organization

Returns a list of organizations attached to a server sorted by name.
URL Parameters
server_id Server ID
Response
id Organization ID
server Server ID
name Organization name
Python Example
response = auth_request('GET', '/server/55ea06f2b0e73033d45b44e4/organization', ) assert(response.status_code == 200) print response.json() [ { 'id': '55ea06f8b0e73033d45b44e5', 'server': '55ea06f2b0e73033d45b44e4', 'name': 'org1', }, ]

PUT /server/:server_id/organization/:organization_id

Attach an organization to an existing server.
URL Parameters
server_id Server ID
organization_id Organization ID
Response
id Organization ID
server Server ID
name Organization name
Python Example
response = auth_request('PUT', '/server/55ea089ab0e73033d45b44e6/organization/55ea089fb0e73033d45b44e7', ) assert(response.status_code == 200) print response.json() { 'id': '55ea089fb0e73033d45b44e7', 'server': '55ea089ab0e73033d45b44e6', 'name': 'org2', }

DELETE /server/:server_id/organization/:organization_id

Remove an organization from an existing server.
URL Parameters
server_id Server ID
organization_id Organization ID
Python Example
response = auth_request('DELETE', '/server/55ea089ab0e73033d45b44e6/organization/55ea089fb0e73033d45b44e7', ) assert(response.status_code == 200)

GET /server/:server_id/output

Get the output of a server.
URL Parameters
server_id Server ID
Response
id Organization ID
output List of server output lines
Python Example
response = auth_request('GET', '/server/e9f1ba1f55194eb1843d4fcf39a44d7b/output', ) assert(response.status_code == 200) print response.json() { 'id': 'e9f1ba1f55194eb1843d4fcf39a44d7b', 'output': [ '[evening-fields-8187] Fri Sep 4 16:35:13 2015 Initialization Completed', ], }

DELETE /server/:server_id/output

Clear the output of a server.
URL Parameters
server_id Server ID
Python Example
response = auth_request('DELETE', '/server/e9f1ba1f55194eb1843d4fcf39a44d7b/output', ) assert(response.status_code == 200)