🧅 Tor Admin Panel - API Tokens

Welcome, Logout
Dashboard Configuration Hidden Services Logs API Tokens

🔑 Your New API Token

Important: Save this token now! It will not be shown again.

🔐 JWT Secret Key

Current JWT secret (auto-generated if TOR_JWT_SECRET not set):

Set TOR_JWT_SECRET environment variable to use a custom secret

Generate New API Token

📚 API Documentation

Authentication

1. Get a token:

curl -X POST http://your-server/admin/api.php?action=login \
-d "username=admin&password=yourpass"

2. Use the token:

curl -H "Authorization: Bearer YOUR_TOKEN" \
http://your-server/admin/api.php?action=status

Available Endpoints

📊 GET /admin/api.php?action=status

Get status of all services

📈 GET /admin/api.php?action=stats

Get system statistics

🧅 GET /admin/api.php?action=hidden-services

Get list of hidden services

⚙️ POST /admin/api.php?action=service-control

Control services (start/stop/restart)

POST data: service=tor-server&command=restart

🔑 POST /admin/api.php?action=login

Get authentication token

POST data: username=admin&password=yourpass
Security Notes:
• Tokens expire after 24 hours
• Set custom JWT secret via TOR_JWT_SECRET environment variable
• Store tokens securely - they provide full admin access
• API supports both Bearer tokens and web session authentication