3x-uiServer
System status, log retrieval, certificate generators, Xray binary management, and backup/restore. All under /panel/api/server.
API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/status"{ "success": true, "obj": { "cpu": 12.5, "mem": { "current": 2147483648, "total": 8589934592 }, "swap": { "current": 0, "total": 4294967296 }, "disk": { "current": 53687091200, "total": 268435456000 }, "netIO": { "up": 1073741824, "down": 2147483648 }, "xray": { "state": "running", "version": "v25.10.31" }, "tcpCount": 42, "load": { "load1": 0.5, "load5": 0.3, "load15": 0.2 } }}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/fail2banStatus"{ "success": true, "obj": { "enabled": true, "installed": true, "usable": true, "windows": false }}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Path Parameters
Bucket size in seconds. Allowed: 2, 30, 60, 120, 180, 300.
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/cpuHistory/0"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Path Parameters
cpu | mem | netUp | netDown | online | load1 | load5 | load15.
Bucket size in seconds. Allowed: 2, 30, 60, 120, 180, 300.
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/history/string/0"{ "success": true, "obj": [ { "t": 1700000000, "v": 12.5 }, { "t": 1700000002, "v": 13.1 } ]}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/xrayMetricsState"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Path Parameters
xrAlloc | xrSys | xrHeapObjects | xrNumGC | xrPauseNs.
Bucket size in seconds. Allowed: 2, 30, 60, 120, 180, 300.
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/xrayMetricsHistory/string/0"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/xrayObservatory"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Path Parameters
Outbound tag from the observatory config.
Bucket size in seconds. Allowed: 2, 30, 60, 120, 180, 300.
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/xrayObservatoryHistory/string/0"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getXrayVersion"{ "success": true, "obj": [ "v25.10.31", "v25.9.15", "v25.8.1" ]}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getPanelUpdateInfo"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getConfigJson"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getDb"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getMigration"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getNewUUID"{ "success": true, "obj": "550e8400-e29b-41d4-a716-446655440000"}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getWebCertFiles"{ "success": true, "obj": { "webCertFile": "/root/cert/example.com/fullchain.pem", "webKeyFile": "/root/cert/example.com/privkey.pem" }}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/descendants"{ "success": true, "obj": [ { "guid": "c3d4-...", "parentGuid": "a1b2-...", "name": "Node3", "address": "10.0.0.3", "status": "online" } ]}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getNewX25519Cert"{ "success": true, "obj": { "privateKey": "uN9qLfV3zH8w...", "publicKey": "5v8xPqR2sM7k..." }}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getNewmldsa65"{ "success": true, "obj": { "privateKey": "mdsa65priv...", "publicKey": "mdsa65pub...", "seed": "random-seed..." }}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getNewmlkem768"{ "success": true, "obj": { "clientKey": "mlkem768-client...", "serverKey": "mlkem768-server..." }}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/getNewVlessEnc"{ "success": true, "obj": { "auths": [ { "id": 0, "label": "Auth #0", "encryption": "aes-256-gcm", "decryption": "" } ] }}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
application/json
curl -X POST "https://example.com/panel/api/server/stopXrayService"{ "success": true, "msg": "string", "obj": null}{ "success": false, "msg": "Xray is not running"}Reload Xray with the current config. Typically required after structural inbound or routing changes.
API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
application/json
curl -X POST "https://example.com/panel/api/server/restartXrayService"{ "success": true, "msg": "string", "obj": null}{ "success": false, "msg": "Xray config is invalid: ..."}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Path Parameters
Xray tag (e.g. v25.10.31) or "latest".
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/installXray/string"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/updatePanel"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/setUpdateChannel" \ -H "Content-Type: application/json" \ -d '{}'{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/updateGeofile" \ -H "Content-Type: application/json" \ -d '{}'{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Path Parameters
Filename of the data file to refresh.
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/updateGeofile/string"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Path Parameters
Number of trailing log lines.
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/logs/0" \ -H "Content-Type: application/json" \ -d '{ "level": "info", "syslog": false }'{ "success": true, "obj": "2025/01/01 12:00:00 [INFO] Server started\n2025/01/01 12:00:01 [INFO] Xray is running"}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Path Parameters
Number of trailing log lines.
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/xraylogs/0" \ -H "Content-Type: application/json" \ -d '{}'{ "success": true, "obj": "2025/01/01 12:00:00 rejected vless proxy example.com reason: no valid user\n2025/01/01 12:00:01 direct freedom ok"}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/importDB"{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/getNewEchCert" \ -H "Content-Type: application/json" \ -d '{}'{ "success": true, "msg": "string", "obj": null}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/getCertHash" \ -H "Content-Type: application/json" \ -d '{}'{ "success": true, "obj": [ "e8e2d3..." ]}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/getRemoteCertHash" \ -H "Content-Type: application/json" \ -d '{}'{ "success": true, "obj": [ "e8e2d3..." ]}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X GET "https://example.com/panel/api/server/clientIps"{ "success": true, "obj": [ { "clientEmail": "", "id": 0, "ips": null } ]}API token from Settings → Security → API Token. Send as Authorization: Bearer <token>.
In: header
Response Body
application/json
curl -X POST "https://example.com/panel/api/server/clientIps"{ "success": true, "msg": "string", "obj": null}