Skip to content



Permissions are assigned to roles. API keys, users and/or TLS certificates can be assigned to a given role. All API calls are authenticated using a role, i.e. either through the use of an API key, authenticated user or TLS certificate.


Permissions are typically granted for a specific virtual server. However, these can also be assigned globally across all virtual servers on the NS instance, granting the specified permission on every virtual server.

Permission Actions
* Managing API keys of the authenticated role.
sessions Day-to-day user interactions: logins, push logins, viewing user details and attributes, viewing account details, transactions.
users User management, assigning roles to users.
accounts Account management.
servers Management of virtual server attributes, viewing virtual server settings and permissions.
createserver Updating virtual server settings, deleting virtual servers.
root All of the above, granting permissions to roles.

* No specific permission is required.

Global permissions are needed for the following actions:

Global Permission Actions
servers Management of global attributes and privileged virtual server-specific attributes.
createserver Creating a new virtual server on the nextAuth Server instance.