Developer

ServerPrism API

Control your servers programmatically — power signals, status, console commands — from your own scripts, dashboards, and bots.

These API docs are provided in English only — the technical terms (scopes, status codes, header names) are universal across integrations.

On this page

Getting started

  1. Sign in to your ServerPrism account.
  2. Open Account → API Credentials and create a token.
  3. Pick the smallest set of scopes your integration needs.
  4. Copy the token once when it's shown — we never store it in cleartext and cannot recover it.
  5. Use the token as a Bearer credential against the endpoints below.

All requests go to https://serverprism.com. All responses are JSON. All timestamps are UTC ISO-8601.

Authentication

Pass the token in an Authorization: Bearer header. Tokens are personal — each one belongs to a single ServerPrism customer and can only act on services that customer owns.

curl https://serverprism.com/api/v1/client/servers \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Accept: application/json"

Tokens you create through the dashboard are personal access tokens. The OAuth client-credentials and authorization-code flows are not currently exposed for customer integrations.

Scopes

Each token carries one or more scopes. An endpoint requires a specific scope to be present — missing scope returns 403.

Scope Allows
servers:read View your servers (status, resources, basic info)
servers:control Send power signals (start/stop/restart/kill) and console commands to your servers

Rate limits

Limits are per-customer, per-minute. They are deliberately conservative — if you need more, open a ticket and tell us about your integration.

Bucket Limit Endpoints
read 60 / minute GET /servers, GET /servers/{id}
write 20 / minute POST /servers/{id}/power, POST /servers/{id}/command

Exceeding a limit returns 429 Too Many Requests with a Retry-After header. Back off and retry — never tight-loop on a 429.

Errors

Status Meaning
401Missing or invalid token.
403Token does not include the required scope.
404Server not found, or you do not own it.
422Request body failed validation.
429Rate limit exceeded.
503Upstream node temporarily unavailable. Retry after a short delay.

Endpoints

Server ID in URLs is the numeric paymenter Service ID — the same one in your /services/{id} URL.

GET /api/v1/client/servers scope: servers:read

Lists every active or suspended service owned by the token holder.

Request

curl https://serverprism.com/api/v1/client/servers \
  -H "Authorization: Bearer YOUR_TOKEN"

Response

{
  "data": [
    { "id": 1234, "product": "Minecraft 4 GB", "service_status": "active" },
    { "id": 1290, "product": "Palworld 8 GB", "service_status": "active" }
  ]
}
GET /api/v1/client/servers/{id} scope: servers:read

Returns the server's name, limits, and best-effort live resource usage.

Response

{
  "data": {
    "id": 1234,
    "name": "Fred's Minecraft",
    "service_status": "active",
    "limits": {
      "memory_mb": 4096,
      "disk_mb": 25600,
      "cpu_percent": 200
    },
    "resources": {
      "current_state": "running",
      "memory_bytes": 2147483648,
      "cpu_absolute": 18.5,
      "disk_bytes": 7300000000,
      "network_rx_bytes": 12345678,
      "network_tx_bytes": 87654321
    }
  }
}

The resources block may be null if the node was briefly unreachable. Retry, or fall back to the panel UI's status indicator.

POST /api/v1/client/servers/{id}/power scope: servers:control

Sends a power signal to the server.

Request body

{
  "signal": "start"   // one of: "start", "stop", "restart", "kill"
}

kill hard-terminates the process without giving the game a chance to save. Use stop for graceful shutdowns of survival/save-state games.

Example

curl -X POST https://serverprism.com/api/v1/client/servers/1234/power \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"signal":"restart"}'

Response

{ "data": { "signal": "restart", "sent": true } }
POST /api/v1/client/servers/{id}/command scope: servers:control

Sends a single console command to the running server (e.g. say hello, stop, whitelist add Notch). The server must be running — if it isn't, upstream returns 412 and we surface that to you.

Request body

{
  "command": "say Server restarting in 5 minutes"
}

Maximum 1024 characters. Newlines are not split into multiple commands.

Response

{ "data": { "command": "say Server restarting in 5 minutes", "sent": true } }

Versioning

The v1 namespace is stable. Breaking changes will only happen in a new namespace (v2); we may add new fields to existing responses without warning, so write your client to ignore unknown keys.

Feature requests and bug reports: open a ticket and mention "API".