Web API Reference
The Mezite proxy service exposes a REST-style JSON API on port 3080 (HTTPS) under the /v1/webapi/ prefix. This API powers the web
UI and supports lightweight integrations.
Authentication
POST /v1/webapi/login
Authenticate and receive a session token and short-lived certificates.
curl -X POST https://mezite.example.com:3080/v1/webapi/login \
-H "Content-Type: application/json" \
-d '{"user": "alice", "password": "secret"}'Sessions
GET /v1/webapi/sessions
List recorded SSH sessions. Supports pagination and filtering by user or node.
curl https://mezite.example.com:3080/v1/webapi/sessions \
-H "Authorization: Bearer <token>"Nodes
GET /v1/webapi/nodes
List registered SSH nodes with labels and status.
curl https://mezite.example.com:3080/v1/webapi/nodes \
-H "Authorization: Bearer <token>"Users
GET /v1/webapi/users
List users. Requires admin privileges.
curl https://mezite.example.com:3080/v1/webapi/users \
-H "Authorization: Bearer <token>"Roles
GET /v1/webapi/roles
List RBAC roles. Requires admin privileges.
curl https://mezite.example.com:3080/v1/webapi/roles \
-H "Authorization: Bearer <token>"Audit
GET /v1/webapi/audit
Query audit events. Supports filtering by event type, user, and date range.
curl "https://mezite.example.com:3080/v1/webapi/audit?type=session.start&from=2026-03-01" \
-H "Authorization: Bearer <token>"Browser SSH
Status: Available — Browser-based SSH is implemented with xterm.js terminal emulation. Sessions are authenticated via session cookie and use ephemeral SSH certificates.
WebSocket /v1/webapi/ssh/connect
Upgrade an HTTP connection to a WebSocket for interactive SSH. The server authenticates via the session cookie, issues an ephemeral SSH certificate, and bridges the WebSocket to the target node's SSH session.
Query parameters:
node— target node hostname (required)login— remote login username (default: root)
Example: wss://mezite.example.com:3080/v1/webapi/ssh/connect?node=web1&login=ubuntu
The terminal UI is available at /web/terminal?node=web1&login=ubuntu.