## POST /api/v2/shared-hosting/{accountId}/actions/sso **Create hosting control-panel SSO link** Create a short-lived single sign-on URL for the hosting control panel. The URL is interactive and should be opened by the customer, not stored. ### Related Endpoints - `GET /api/v2/shared-hosting/{accountId}/actions/sso`: Check control-panel SSO availability - `GET /api/v2/shared-hosting/{accountId}/actions/pause`: Get hosting pause status - `POST /api/v2/shared-hosting/{accountId}/actions/pause`: Pause shared hosting ### Headers - `Accept`: application/json - `Authorization`: Bearer YOUR_API_KEY - Required API scopes: `console:services`, `write:hosting` ### Parameters - `accountId` (path, string, required): Public shared-hosting account ID. Get it from GET /api/v2/shared-hosting `data[].id`. Do not invent this value; use the exact ID returned by the referenced API response. Example: `acct_01hxa3b4c5d6e7f8g9h0j1k2m3` ### Request Example ```bash curl -X POST "https://cloud.hostup.se/api/v2/shared-hosting/acct_01hxa3b4c5d6e7f8g9h0j1k2m3/actions/sso" \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Accept: application/json" ``` ### Response Schema - `loginUrl` (string, required) Example: `https://cpanel.example.com/login/session/YOUR_TOKEN` - `expiresAt` (string,null, required): Known expiry timestamp, or null when the control panel does not expose the exact token TTL. Example: `null` - `singleUse` (boolean, required): Whether the generated login URL is intended for one interactive use. Example: `true` ### Responses #### 200 - SSO link. ```json { "loginUrl": "https://cpanel.example.com/login/session/YOUR_TOKEN", "expiresAt": null, "singleUse": true } ``` #### 400 - Invalid request. The response body is an RFC 7807 Problem Details document. ```json { "type": "https://developer.hostup.se/errors/invalid_request", "title": "Invalid request", "status": 400, "detail": "The request body failed validation.", "code": "invalid_request", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z", "errors": [ { "pointer": "/items/0/domainName", "detail": "`domainName` is required.", "code": "invalid_request" } ] } ``` #### 401 - Unauthorized. Authentication is required. ```json { "type": "https://developer.hostup.se/errors/unauthorized", "title": "Unauthorized", "status": 401, "detail": "Authentication is required.", "code": "unauthorized", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 403 - Forbidden. The caller lacks a required scope or does not own the resource. ```json { "type": "https://developer.hostup.se/errors/forbidden", "title": "Forbidden", "status": 403, "detail": "The caller lacks a required scope or does not own the resource.", "code": "forbidden", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 404 - Not found. The resource does not exist or is not owned by the caller. ```json { "type": "https://developer.hostup.se/errors/not_found", "title": "Not found", "status": 404, "detail": "The requested resource could not be found.", "code": "not_found", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 429 - Rate limited. Retry after the limit resets. 429 responses include `Retry-After` seconds plus `X-RateLimit-*` headers. ```json { "type": "https://developer.hostup.se/errors/rate_limit_exceeded", "title": "Too many requests", "status": 429, "detail": "Too many requests. Retry after the limit resets.", "code": "rate_limit_exceeded", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ``` #### 500 - Internal error. Retry later or contact support if the issue persists. ```json { "type": "https://developer.hostup.se/errors/internal_error", "title": "Internal server error", "status": 500, "detail": "An unexpected error occurred. Retry later or contact support if the issue persists.", "code": "internal_error", "instance": "/api/v2/resource", "requestId": "req_01hxa3b4c5d6e7f8g9h0j1k2m3", "timestamp": "2026-04-27T12:34:56.000Z" } ```