< All Topics



Updates the permissions of an existing SPanel user account.


Additional parameters:

tokenstringYesAuthorizing API token – check API Basics for more information.
actionstringYesThe category and function being executed.
usernamestringYesSPanel account username.
permissionsstring|arrayNoPermissions array or ‘all’ string for full root permissions. If omitted, full root permissions will be assigned.

When using a permissions array, you can set the category sub-array to ‘all’ string to include every child page available or use an array with every page that you wish to include, for example:
  • If you use [ 'email' => 'all' ], all pages under server category will be included in the newly created user permissions list;If you use [ 'domains' => [ 'domains', 'redirects' ] ], the newly created user will access only the pages specified.
Check the full API call example below for further clarification.

The structure and an always up-to-date list of all available user permissions can be obtained by running the user/listuserpermissions API call. The list is pulled directly from SPanel’s system in real-time.


$endpointUrl = '';

$postData = [
  'token' => 'provided_auth_token', // Check API Basics for more information
  'action' => 'user/editprivileges',
  'username' => 'spanelio_testuser',
   //'permissions' => 'all' //Set all permissions
  'permissions' => [
    'email' => 'all', //access every email page
    'domain' => [ 'domains', 'redirects' ] //access only the 'domains' and 'redirect' pages

$ch = curl_init();
curl_setopt( $ch, CURLOPT_URL, $endpointUrl);
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt( $ch, CURLOPT_POST, true);
curl_setopt( $ch, CURLOPT_POSTFIELDS, http_build_query($postData));
curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt( $ch, CURLOPT_SSL_VERIFYHOST, false);
$jsonOutput = curl_exec( $ch );


    "result": "success",
    "data": {
        "msg": "Successfully updated account Features Access."
Previous accounts/grantSSH
Table of Contents