# WP Cloud Atomic API > Public WP Cloud Atomic API endpoint documentation generated from the public OpenAPI spec for explicit agent and tool handoff. The Atomic API allows Automattic partners to manage their sites hosted on our WP Cloud infrastructure. These sites include the latest released version of WordPress and plugin and theme management, as well as client-specific configuration preferences. Client customers have additional access to their site via phpMyAdmin and password-based SFTP. Version: `1.0.0` Base URL: `https://atomic-api.wordpress.com/api/v1.0/` Use this file as an index. It is not crawler governance; tools or users should explicitly provide the linked Markdown files when they want an agent to use them. ## API Reference - [Agent guide](https://wp.cloud/docs/api/agent-guide.md): Retrieval flow, API-wide rules, and safety notes for agents. - [Endpoint reference index](https://wp.cloud/docs/api/reference.md): Grouped endpoint table with method, path, short description, auth/client notes, and endpoint links. - [OpenAPI JSON](https://wp.cloud/docs/api/openapi.json): Source OpenAPI document used to generate these files. ## Endpoints ### Backups - [Backups index](https://wp.cloud/docs/api/tags/backups.md): 6 endpoints. - [GET /site-backup-get/{service}/{identifier}/{backup_id}](https://wp.cloud/docs/api/endpoints/get-site-backup-get-service-identifier-backup-id.md): Download a site's filesystem or database backup. - [GET /site-backup-info/{service}/{identifier}/{backup_id}](https://wp.cloud/docs/api/endpoints/get-site-backup-info-service-identifier-backup-id.md): Get the details for a single backup. - [GET /site-backups-list/{service}/{identifier}](https://wp.cloud/docs/api/endpoints/get-site-backups-list-service-identifier.md): Get a list of backups for a site. No backup_type path segment; sibling variant includes backup_type: Optional backup type filter. Can specify multiple types. If not present, all types returned. Allowed values: db, fs, ondemand, ondemand-fs, ondemand-db. - [GET /site-backups-list/{service}/{identifier}/{backup_type}](https://wp.cloud/docs/api/endpoints/get-site-backups-list-service-identifier-backup-type.md): Get a list of backups for a site. Includes backup_type path parameter: Optional backup type filter. Can specify multiple types. If not present, all types returned. Allowed values: db, fs, ondemand, ondemand-fs, ondemand-db. - [POST /on-demand-backup/create/{site}/{type}](https://wp.cloud/docs/api/endpoints/post-on-demand-backup-create-site-type.md): Request creation of an on-demand backup for a site. The backup will contain either filesystem data, database data, or both depending on the type specified. Backups are subject to quota limits which can be customized via site or client metadata. - [POST /on-demand-backup/delete/{site}/{backup_id}](https://wp.cloud/docs/api/endpoints/post-on-demand-backup-delete-site-backup-id.md): Request deletion of an existing on-demand backup. Only backups of type "ondemand-fs", "ondemand-db", or legacy "ondemand" can be deleted. ### Client Meta - [Client Meta index](https://wp.cloud/docs/api/tags/client-meta.md): 4 endpoints. - [POST /client-meta/{client}/{key}/add](https://wp.cloud/docs/api/endpoints/post-client-meta-client-key-add.md): Add a new client meta value. - [GET /client-meta/{client}/{key}/get](https://wp.cloud/docs/api/endpoints/get-client-meta-client-key-get.md): Retrieve a client meta value. - [GET /client-meta/{client}/{key}/remove](https://wp.cloud/docs/api/endpoints/get-client-meta-client-key-remove.md): Remove a client meta value. - [POST /client-meta/{client}/{key}/update](https://wp.cloud/docs/api/endpoints/post-client-meta-client-key-update.md): Update an existing client meta value. ### Cron - [Cron index](https://wp.cloud/docs/api/tags/cron.md): 4 endpoints. - [POST /crontab/{site}/add](https://wp.cloud/docs/api/endpoints/post-crontab-site-add.md): Adds a cron entry for a site. - [GET /crontab/{site}/list](https://wp.cloud/docs/api/endpoints/get-crontab-site-list.md): Returns a list of cron entries for a site. - [POST /crontab/{site}/remove](https://wp.cloud/docs/api/endpoints/post-crontab-site-remove.md): Removes a cron entry from a site. - [POST /crontab/{site}/update/{cron_id}](https://wp.cloud/docs/api/endpoints/post-crontab-site-update-cron-id.md): Update an existing cron entry. ### Custom SSL Certificates - [Custom SSL Certificates index](https://wp.cloud/docs/api/tags/custom-ssl-certificates.md): 9 endpoints. - [POST /custom-certificates/{site}/{custom_certificate_id}/activate](https://wp.cloud/docs/api/endpoints/post-custom-certificates-site-custom-certificate-id-activate.md): Activate a previously staged custom SSL certificate for use on one or more domains. - [POST /custom-certificates/{site}/{id}/deactivate](https://wp.cloud/docs/api/endpoints/post-custom-certificates-site-id-deactivate.md): Deactivate an active custom SSL certificate. If id is omitted, the currently active certificate is deactivated. - [POST /custom-certificates/{site}/{id}/delete](https://wp.cloud/docs/api/endpoints/post-custom-certificates-site-id-delete.md): Delete a custom certificate by ID. The certificate must not be active. - [GET /custom-certificates/{site}](https://wp.cloud/docs/api/endpoints/get-custom-certificates-site.md): Retrieve details about a custom certificate for a site. Omit the certificate ID to fetch the currently active custom certificate (if any). No id path segment; sibling variant includes id: ID of the custom certificate to retrieve. If omitted, the currently active certificate for the site is returned. - [GET /custom-certificates/{site}/{id}](https://wp.cloud/docs/api/endpoints/get-custom-certificates-site-id.md): Retrieve details about a custom certificate for a site. Omit the certificate ID to fetch the currently active custom certificate (if any). Includes id path parameter: ID of the custom certificate to retrieve. If omitted, the currently active certificate for the site is returned. - [GET /custom-certificates/{site}/list](https://wp.cloud/docs/api/endpoints/get-custom-certificates-site-list.md): List custom SSL certificates, with optional filtering and pagination. - [POST /custom-certificates/{site}/stage](https://wp.cloud/docs/api/endpoints/post-custom-certificates-site-stage.md): Prepare a certificate for use on one or more domains. Does not activate the certificate immediately. - [POST /custom-certificates/{site}/{id}/update](https://wp.cloud/docs/api/endpoints/post-custom-certificates-site-id-update.md): Update an existing custom SSL certificate for renewal or rekeying. If id is omitted, the currently active certificate is updated. - [POST /custom-certificates/{site}/validate](https://wp.cloud/docs/api/endpoints/post-custom-certificates-site-validate.md): Validate a custom SSL certificate for use on one or more domains. ### Edge Cache - [Edge Cache index](https://wp.cloud/docs/api/tags/edge-cache.md): 9 endpoints. - [POST /edge-cache/{site}/ddos_until](https://wp.cloud/docs/api/endpoints/post-edge-cache-site-ddos-until.md): Enable or disable Defensive Mode for a site. No domain path segment; sibling variant includes domain: Domain to set Defensive Mode for. Defaults to the site's primary domain. - [POST /edge-cache/{site}/ddos_until/{domain}](https://wp.cloud/docs/api/endpoints/post-edge-cache-site-ddos-until-domain.md): Enable or disable Defensive Mode for a site. Includes domain path parameter: Domain to set Defensive Mode for. Defaults to the site's primary domain. - [GET /edge-cache/{site}](https://wp.cloud/docs/api/endpoints/get-edge-cache-site.md): Endpoint for getting a site's edge cache settings. No action path segment; sibling variant includes action: Action to perform. Allowed values: get, purge, ddos_until. - [GET /edge-cache/{site}/{action}](https://wp.cloud/docs/api/endpoints/get-edge-cache-site-action.md): Endpoint for getting a site's edge cache settings. Includes action path parameter: Action to perform. Allowed values: get, purge, ddos_until. No domain path segment; sibling variant includes domain: Domain for the status request; defaults to the primary domain. - [GET /edge-cache/{site}/{action}/{domain}](https://wp.cloud/docs/api/endpoints/get-edge-cache-site-action-domain.md): Endpoint for getting a site's edge cache settings. Includes domain path parameter: Domain for the status request; defaults to the primary domain. - [GET /edge-cache/{site}/ddos_until](https://wp.cloud/docs/api/endpoints/get-edge-cache-site-ddos-until.md): Fetch the current state of Defensive Mode for a site. No domain path segment; sibling variant includes domain: Optional: domain to fetch the status for. Defaults to the site's primary domain. - [GET /edge-cache/{site}/ddos_until/{domain}](https://wp.cloud/docs/api/endpoints/get-edge-cache-site-ddos-until-domain.md): Fetch the current state of Defensive Mode for a site. Includes domain path parameter: Optional: domain to fetch the status for. Defaults to the site's primary domain. - [POST /edge-cache/{site}/{action}](https://wp.cloud/docs/api/endpoints/post-edge-cache-site-action.md): Endpoint for managing a site's edge cache settings. No domain path segment; sibling variant includes domain: Domain on which to perform the action; defaults to the primary domain. - [POST /edge-cache/{site}/{action}/{domain}](https://wp.cloud/docs/api/endpoints/post-edge-cache-site-action-domain.md): Endpoint for managing a site's edge cache settings. Includes domain path parameter: Domain on which to perform the action; defaults to the primary domain. ### Email - [Email index](https://wp.cloud/docs/api/tags/email.md): 1 endpoint. - [GET /email-block/{client}/{action}/{type}](https://wp.cloud/docs/api/endpoints/get-email-block-client-action-type.md): Manage domains that have been blocked from sending email via the platform-provided mail service. ### Jobs - [Jobs index](https://wp.cloud/docs/api/tags/jobs.md): 6 endpoints. - [GET /job-completion/{id}](https://wp.cloud/docs/api/endpoints/get-job-completion-id.md): Get status of a job by ID. Supports getting a single job via GET with URL parameter, or multiple jobs via POST with body parameter. - [POST /job-completion/{id}](https://wp.cloud/docs/api/endpoints/post-job-completion-id.md): Get status of a job by ID. Supports getting a single job via GET with URL parameter, or multiple jobs via POST with body parameter. - [GET /job-status](https://wp.cloud/docs/api/endpoints/get-job-status.md): Get full status details of one or more jobs by ID. Returns complete job object including status, data, and metadata. No id path segment; sibling variant includes id: (GET) Job ID. - [GET /job-status/{id}](https://wp.cloud/docs/api/endpoints/get-job-status-id.md): Get full status details of one or more jobs by ID. Returns complete job object including status, data, and metadata. Includes id path parameter: (GET) Job ID. - [POST /job-status](https://wp.cloud/docs/api/endpoints/post-job-status.md): Get full status details of one or more jobs by ID. Returns complete job object including status, data, and metadata. No id path segment; sibling variant includes id: (GET) Job ID. - [POST /job-status/{id}](https://wp.cloud/docs/api/endpoints/post-job-status-id.md): Get full status details of one or more jobs by ID. Returns complete job object including status, data, and metadata. Includes id path parameter: (GET) Job ID. ### Logs - [Logs index](https://wp.cloud/docs/api/tags/logs.md): 3 endpoints. - [POST /site-error-logs/{site}](https://wp.cloud/docs/api/endpoints/post-site-error-logs-site.md): Get PHP error log data from a site. Logs are only guaranteed for 28 days; a start timestamp before that may return incomplete data. - [POST /site-logs/{site}](https://wp.cloud/docs/api/endpoints/post-site-logs-site.md): Get web server (nginx) log data from a site. Logs are only guaranteed for 28 days; a start timestamp before that may return incomplete data. - [POST /logs/site/{site}](https://wp.cloud/docs/api/endpoints/post-logs-site-site.md): Get web server (nginx) log data for a site. Logs are only guaranteed for 28 days; a start timestamp before that may return incomplete data. ### Metrics - [Metrics index](https://wp.cloud/docs/api/tags/metrics.md): 2 endpoints. - [POST /site-metrics/{site}](https://wp.cloud/docs/api/endpoints/post-site-metrics-site-summarize.md): Get time series metrics from a site. - [POST /metrics/{type}/{key}](https://wp.cloud/docs/api/endpoints/post-metrics-type-key-summarize.md): Get time series metrics. ### Response Tickets - [Response Tickets index](https://wp.cloud/docs/api/tags/response-tickets.md): 3 endpoints. - [POST /response-ticket/multi-status](https://wp.cloud/docs/api/endpoints/post-response-ticket-multi-status.md): Retrieve the current status of multiple response tickets in a single request. Requires the "response-ticket/multi-status" extended endpoint authorization. - [POST /response-ticket/get/full](https://wp.cloud/docs/api/endpoints/post-response-ticket-get-full.md): Retrieve all data for the response ticket including all messages. - [POST /response-ticket/get/summary](https://wp.cloud/docs/api/endpoints/post-response-ticket-get-summary.md): Retrieve metadata about the response ticket. ### Security - [Security index](https://wp.cloud/docs/api/tags/security.md): 4 endpoints. - [POST /firewall-rules/{site}/add](https://wp.cloud/docs/api/endpoints/post-firewall-rules-site-add.md): Add a new firewall rule for a site. - [GET /firewall-rules/{site}/list](https://wp.cloud/docs/api/endpoints/get-firewall-rules-site-list.md): Get a list of firewall rules for a site. - [POST /firewall-rules/{site}/remove](https://wp.cloud/docs/api/endpoints/post-firewall-rules-site-remove.md): Remove an existing firewall rule from a site. - [POST /malware/scan/{site}](https://wp.cloud/docs/api/endpoints/post-malware-scan-site.md): Scan a site for malware. ### Servers - [Servers index](https://wp.cloud/docs/api/tags/servers.md): 2 endpoints. - [GET /get-available-datacenters/{client}](https://wp.cloud/docs/api/endpoints/get-get-available-datacenters-client.md): Get a list of datacenters with available (non-full, active) servers. - [GET /get-php-versions/{client}](https://wp.cloud/docs/api/endpoints/get-get-php-versions-client-verbose.md): Get a list of available PHP versions, in either simplified (default) or verbose format. ### Sites - [Sites index](https://wp.cloud/docs/api/tags/sites.md): 32 endpoints. - [POST /site-persist-data/{site}](https://wp.cloud/docs/api/endpoints/post-site-persist-data-site.md): Add or remove persistent key-value data for a site. Persistent data is preserved across site resets and clones. Parameters use PHP nested array form encoding: data[key][value]=... to set, data[key][delete]=1 to remove. - [POST /site-allow-ssh-migration/{site}](https://wp.cloud/docs/api/endpoints/post-site-allow-ssh-migration-site.md): Configure a site to accept an incoming SSH migration. Because an SSH migration, by default is a destructive operation (destroying existing files and database data) you must first configure a site as a migration target before creating a migration for it. In this way you must explicitly signal to us that you accept responsibility for this site and its data being deleted by a migration should one be configured for... - [GET /site-convert-db-charset/{service}/{identifier}/{from}/{to}](https://wp.cloud/docs/api/endpoints/get-site-convert-db-charset-service-identifier-from-to.md): Convert a site's tables from a known character set to a specified one. - [POST /create-site/{client}](https://wp.cloud/docs/api/endpoints/post-create-site-client.md): Create a WP Cloud site with the following options. - [POST /delete-site/{service}/{identifier}](https://wp.cloud/docs/api/endpoints/post-delete-site-service-identifier.md): Mark a site for deletion. - [POST /ssl-hsts-preload/{domain}/false](https://wp.cloud/docs/api/endpoints/post-ssl-hsts-preload-domain-false.md): Disable HSTS preload directive. - [POST /ssl-info/{domain}](https://wp.cloud/docs/api/endpoints/post-ssl-info-domain.md): Fetch SSL certificate information. - [GET /get-ips/{client}](https://wp.cloud/docs/api/endpoints/get-get-ips-client.md): Get the IPs for a client; if a domain is included, get suggested IPs if possible for the client. No domain path segment; sibling variant includes domain: Domain name. - [GET /get-ips/{client}/{domain}](https://wp.cloud/docs/api/endpoints/get-get-ips-client-domain.md): Get the IPs for a client; if a domain is included, get suggested IPs if possible for the client. Includes domain path parameter: Domain name. - [GET /get-domain-verification-code/{client}/{domain}](https://wp.cloud/docs/api/endpoints/get-get-domain-verification-code-client-domain.md): Generates the domain verification code, to be used as a TXT record so that a domain can be "claimed" from another WP Cloud client. - [GET /get-site/{site}](https://wp.cloud/docs/api/endpoints/get-get-site-site-extra.md): Get site details by site ID or domain name. - [POST /site-phpmyadmin/{site}](https://wp.cloud/docs/api/endpoints/post-site-phpmyadmin-site.md): Get a time-limited URL for accessing a site's database via phpMyAdmin. - [GET /get-sites/{client}](https://wp.cloud/docs/api/endpoints/get-get-sites-client.md): List a client's sites, generally for auditing purposes. No meta path segment; sibling variant includes meta: The `meta` path may represent one or more supported site meta keys separated by `/`. - [GET /get-sites/{client}/{meta}](https://wp.cloud/docs/api/endpoints/get-get-sites-client-meta.md): List a client's sites, generally for auditing purposes. Includes meta path parameter: The `meta` path may represent one or more supported site meta keys separated by `/`. - [GET /site-alias/{service}/{identifier}/{action}](https://wp.cloud/docs/api/endpoints/get-site-alias-service-identifier-action.md): Manage domain aliases for a site. No domain path segment; sibling variant includes domain: Domain name to add or remove (required when action is "add" or "remove"). - [GET /site-alias/{service}/{identifier}/{action}/{domain}](https://wp.cloud/docs/api/endpoints/get-site-alias-service-identifier-action-domain.md): Manage domain aliases for a site. Includes domain path parameter: Domain name to add or remove (required when action is "add" or "remove"). - [GET /site-meta/{site}/{key}/{action}](https://wp.cloud/docs/api/endpoints/get-site-meta-site-key-action.md): Endpoint for managing site meta. - [POST /site-meta/{site}/{key}/{action}](https://wp.cloud/docs/api/endpoints/post-site-meta-site-key-action.md): Endpoint for managing site meta. - [POST /site-manage-software/{type}/{site}](https://wp.cloud/docs/api/endpoints/post-site-manage-software-type-site.md): Manage a site's software installation and activation. - [POST /reset-db-password/{type}/{site}](https://wp.cloud/docs/api/endpoints/post-reset-db-password-type-site.md): Reset the database password for a site. No new path segment; sibling variant includes new: Use "new" to generate a completely new password. Allowed values: new. - [POST /reset-db-password/{type}/{site}/{new}](https://wp.cloud/docs/api/endpoints/post-reset-db-password-type-site-new.md): Reset the database password for a site. Includes new path parameter: Use "new" to generate a completely new password. Allowed values: new. - [POST /restore-site/{site}](https://wp.cloud/docs/api/endpoints/post-restore-site-site.md): Restore an existing site from a filesystem + database backup pair belonging to that same site. Requires the customer to have set the `allow_restore` site meta to a recent Unix timestamp (within MONTH_IN_SECONDS), and to have suspended the destination site with status 503 via the `suspended` site meta, using the `site-meta` endpoint. - [POST /ssl-retry/{domain}](https://wp.cloud/docs/api/endpoints/post-ssl-retry-domain.md): Retry SSL certificate provisioning. - [POST /ssl-android-compat/{domain}/{enable}](https://wp.cloud/docs/api/endpoints/post-ssl-android-compat-domain-enable.md): Enable/disable certificates compatible with older Android devices. Android compatibility is enabled by default. - [POST /ssl-hsts-subdomain/{domain}/{enable}](https://wp.cloud/docs/api/endpoints/post-ssl-hsts-subdomain-domain-enable.md): Enable/disable HSTS includeSubDomains directive. Includes the preload directive for ease of use. - [POST /ssl-social-crawler-redirect/{domain}/{enable}](https://wp.cloud/docs/api/endpoints/post-ssl-social-crawler-redirect-domain-enable.md): Enable/disable redirect from https to http for social crawlers. This is used to retain share counts between http/https for Facebook/Twitter/LinkedIn, if links were originally shared as http. Social crawler redirect is disabled by default for all new domains since 2022-11-04. - [POST /site-set-chroot/{site}/{desired}](https://wp.cloud/docs/api/endpoints/post-site-set-chroot-site-desired.md): Update the chroot environment for a site. The chroot slug must be one of the allowed values for the client. Queues a job to apply the filesystem changes on the pool server; use the returned job_id to track completion. - [POST /update-site-domain/{service}/{identifier}/{domain}](https://wp.cloud/docs/api/endpoints/post-update-site-domain-service-identifier-domain.md): Update a site's primary domain. No keep path segment; sibling variant includes keep: Old domain retention flag. The old primary domain is kept as an alias by default; pass "false" to remove it instead of keeping it as an alias. - [POST /update-site-domain/{service}/{identifier}/{domain}/{keep}](https://wp.cloud/docs/api/endpoints/post-update-site-domain-service-identifier-domain-keep.md): Update a site's primary domain. Includes keep path parameter: Old domain retention flag. The old primary domain is kept as an alias by default; pass "false" to remove it instead of keeping it as an alias. - [POST /update-site-options/{type}/{site}](https://wp.cloud/docs/api/endpoints/post-update-site-options-type-site.md): Update a site's WordPress options. - [POST /site-wordpress-version/{site}/{version}](https://wp.cloud/docs/api/endpoints/post-site-wordpress-version-site-version.md): Configure a site to use a specific managed version of WordPress. - [GET /check-can-host-domain/{client}/{domain}](https://wp.cloud/docs/api/endpoints/get-check-can-host-domain-client-domain.md): Check whether a domain can be hosted on WP Cloud. Note that this check will return false for valid domains that are already hosted on WordPress.com or WP Cloud infrastructure. ### SSH - [SSH index](https://wp.cloud/docs/api/tags/ssh.md): 16 endpoints. - [POST /ssh-user/{service}/{identifier}/add](https://wp.cloud/docs/api/endpoints/post-ssh-user-service-identifier-add.md): Create a new SSH/SFTP user for a site. Username must be 5+ characters and not all numbers. Password behavior: omit for random password, empty string for no password (key-only auth), or provide specific password. Allowed key types: ssh-rsa (2048-16384 bits), ecdsa-sha2-nistp256 (256 bits), ssh-ed25519 (256 bits). - [POST /alias-pkey/set/{client}/{category}/{name}](https://wp.cloud/docs/api/endpoints/post-alias-pkey-set-client-category-name.md): Create or update, as appropriate, an aliasable public key. - [GET /alias-pkey/get/{client}/{category}/{name}](https://wp.cloud/docs/api/endpoints/get-alias-pkey-get-client-category-name.md): Retrieve a single aliasable public key. - [GET /get-ssh-user/{username}](https://wp.cloud/docs/api/endpoints/get-get-ssh-user-username.md): Retrieve details for an SSH/SFTP user including site ID and timestamps. Validates that the requesting client has access to the user's site. - [GET /alias-pkey/categories/{client}](https://wp.cloud/docs/api/endpoints/get-alias-pkey-categories-client.md): Enumerate your category list. - [POST /alias-pkey/list/{client}/{category}](https://wp.cloud/docs/api/endpoints/post-alias-pkey-list-client-category.md): Enumerate your aliasable public keys, 1000 records at a time. - [GET /ssh-user/{service}/{identifier}/list](https://wp.cloud/docs/api/endpoints/get-ssh-user-service-identifier-list.md): List all SSH/SFTP usernames for a site. - [GET /client-authorized-keys/{client}/{action}](https://wp.cloud/docs/api/endpoints/get-client-authorized-keys-client-action.md): Manage client-level SSH authorized keys that grant access to all sites owned by a client via client-ssh.atomicsites.net. Only available to fully onboarded clients with allowlisted IP addresses. Keys are parsed and validated, with specific SSH options honored (from, command) and enforced (restrict, agent-forwarding, pty)... No id path segment; sibling variant includes id: Key ID (required for "remove" action). - [GET /client-authorized-keys/{client}/{action}/{id}](https://wp.cloud/docs/api/endpoints/get-client-authorized-keys-client-action-id.md): Manage client-level SSH authorized keys that grant access to all sites owned by a client via client-ssh.atomicsites.net. Only available to fully onboarded clients with allowlisted IP addresses. Keys are parsed and validated, with specific SSH options honored (from, command) and enforced (restrict, agent-forwarding, pty). Allowed key types: ssh-rsa... Includes id path parameter: Key ID (required for "remove" action). - [POST /client-authorized-keys/{client}/{action}](https://wp.cloud/docs/api/endpoints/post-client-authorized-keys-client-action.md): Manage client-level SSH authorized keys that grant access to all sites owned by a client via client-ssh.atomicsites.net. Only available to fully onboarded clients with allowlisted IP addresses. Keys are parsed and validated, with specific SSH options honored (from, command) and enforced (restrict, agent-forwarding, pty)... No id path segment; sibling variant includes id: Key ID (required for "remove" action). - [POST /client-authorized-keys/{client}/{action}/{id}](https://wp.cloud/docs/api/endpoints/post-client-authorized-keys-client-action-id.md): Manage client-level SSH authorized keys that grant access to all sites owned by a client via client-ssh.atomicsites.net. Only available to fully onboarded clients with allowlisted IP addresses. Keys are parsed and validated, with specific SSH options honored (from, command) and enforced (restrict, agent-forwarding, pty). Allowed key types: ssh-rsa... Includes id path parameter: Key ID (required for "remove" action). - [GET /ssh-disconnect-all-users/{service}/{identifier}](https://wp.cloud/docs/api/endpoints/get-ssh-disconnect-all-users-service-identifier.md): Queue a job to terminate all active SSH and SFTP connections for a site. Affects both user-level and client-level connections. - [POST /alias-pkey/remove/{client}/{category}/{name}](https://wp.cloud/docs/api/endpoints/post-alias-pkey-remove-client-category-name.md): Delete a single aliasable public key. - [GET /ssh-user/{service}/{identifier}/remove/{username}](https://wp.cloud/docs/api/endpoints/get-ssh-user-service-identifier-remove-username.md): Delete an SSH/SFTP user from a site. Also queues a disconnect job to terminate any active SSH sessions for this user. - [POST /ssh-user/{service}/{identifier}/remove/{username}](https://wp.cloud/docs/api/endpoints/post-ssh-user-service-identifier-remove-username.md): Delete an SSH/SFTP user from a site. Also queues a disconnect job to terminate any active SSH sessions for this user. - [POST /ssh-user/{service}/{identifier}/update/{username}](https://wp.cloud/docs/api/endpoints/post-ssh-user-service-identifier-update-username.md): Update password or SSH key for an existing SSH/SFTP user. Empty password string disables password authentication (key-only). Allowed key types: ssh-rsa (2048-16384 bits), ecdsa-sha2-nistp256 (256 bits), ssh-ed25519 (256 bits). ### Tasks - [Tasks index](https://wp.cloud/docs/api/tags/tasks.md): 3 endpoints. - [POST /task-create/{client}/{type}](https://wp.cloud/docs/api/endpoints/post-task-create-client-type.md): Create a task that will iterate over all client sites. - [POST /task-get/{atomic_task_id}](https://wp.cloud/docs/api/endpoints/post-task-get-atomic-task-id.md): Get the details of a task. - [POST /task-interrupt/{task_id}](https://wp.cloud/docs/api/endpoints/post-task-interrupt-task-id.md): Interrupt an incomplete task. ### Usage - [Usage index](https://wp.cloud/docs/api/tags/usage.md): 1 endpoint. - [POST /usage/{site}](https://wp.cloud/docs/api/endpoints/post-usage-site.md): Get the usage data of a site. ### Webhooks - [Webhooks index](https://wp.cloud/docs/api/tags/webhooks.md): 1 endpoint. - [GET /webhook/failures/{client}](https://wp.cloud/docs/api/endpoints/get-webhook-failures-client.md): Lists recent failed webhook jobs for a client. ## Optional - [Full public API Markdown dump](https://wp.cloud/docs/api/reference-full.md): Exhaustive one-file reference; approximately 261.4 KB and 66,917 tokens. Load only when broad context is needed.