Overview
Server endpoints manage RestoreCord server configurations. CRUD endpoints support scoped API keys with READ_SERVERS and WRITE_SERVERS. Several helper routes are dashboard utilities using the generic authenticated account middleware and should be treated separately from the public automation API.
- Endpoint group
GET|POST /api/v3/servers- Auth
- Session or API key
- Notes
- List and create server configurations.
- Endpoint group
GET|PATCH|DELETE /api/v3/servers/{serverId}- Auth
- Session or API key
- Notes
- Read, update, and delete a server. Some update fields are plan or owner gated.
- Endpoint group
GET /api/v3/servers/{serverId}/channels- Auth
- Authenticated account
- Notes
- Dashboard helper route using the configured bot; no API-key permission bit is declared in the handler.
- Endpoint group
GET /api/v3/servers/{serverId}/roles- Auth
- Authenticated account
- Notes
- Dashboard helper route using the configured bot; no API-key permission bit is declared in the handler.
- Endpoint group
GET /api/v3/servers/{serverId}/bot/validate- Auth
- Authenticated account
- Notes
- Dashboard helper route that validates bot and guild access; no API-key permission bit is declared in the handler.
- Endpoint group
GET|POST|DELETE /api/v3/servers/{serverId}/permissions- Auth
- Authenticated account with settings access
- Notes
- Server permission-entry helper; no API-key permission bit is declared in the handler.
Server-scoped paths use the internal numeric `servers[].id` value as serverId. Discord guild ids remain `guildId` fields and body values.
List Servers
List owned servers and servers shared with the authenticated account. Shared entries include effective sub-user permissions and the owner's plan role.
/api/v3/serversList servers
Returns owned and shared RestoreCord server configurations.
API key permission: READ_SERVERS
{
"success": true,
"servers": [
{
"id": 42,
"name": "community",
"guildId": "123456789012345678",
"roleId": "987654321098765432",
"picture": "https://imagedelivery.net/.../1024X1024",
"description": "Main community server",
"bgImage": null,
"banner": null,
"createdAt": "2026-06-07T10:30:00.000Z",
"customBotId": 12,
"pullTimeout": null,
"pulling": false,
"importing": false,
"groupName": null,
"vpncheck": true,
"blockAlts": false,
"blockWireless": false,
"passwordLocked": false,
"captcha": true,
"verified": true,
"unlisted": false,
"private": false,
"nsfw": false,
"discovery": false,
"isShared": false,
"accessType": "owner",
"permissions": null,
"ownerRole": "business"
}
],
"total": 1,
"groups": {}
}Response Fields
- Field
servers[].id- Type
- number
- Notes
- Internal RestoreCord server id.
- Field
servers[].guildId- Type
- string
- Notes
- Discord guild id.
- Field
servers[].roleId- Type
- string
- Notes
- Verified role id.
- Field
servers[].accessType- Type
- string
- Notes
ownerorsub-user.
- Field
servers[].permissions- Type
- array | null
- Notes
- Effective sub-user permissions, null for owners.
- Field
groups- Type
- object
- Notes
- User-defined dashboard server grouping map.
Create Server
Create a server configuration using a custom bot and Discord role ids. The handler validates Discord id formats, checks duplicate server names/guilds/role ids, enforces plan server limits, and starts the bot service asynchronously.
/api/v3/serversCreate server
Create a RestoreCord server configuration.
guildIdRequired- Location
- body
- Type
- string
roleIdRequired- Location
- body
- Type
- string
serverNameRequired- Location
- body
- Type
- string
customBotIdRequired- Location
- body
- Type
- string
roleModeOptional- Location
- body
- Type
- number
- Default
- 0
unverifiedRoleIdOptional- Location
- body
- Type
- string
API key permission: WRITE_SERVERS
{
"guildId": "123456789012345678",
"roleId": "987654321098765432",
"serverName": "community",
"customBotId": "555555555555555555",
"roleMode": 0
}{
"success": true,
"message": "Server created successfully.",
"server": {
"id": 42,
"name": "community",
"guildId": "123456789012345678",
"roleId": "987654321098765432",
"customBotId": 12
}
}Plan Limits
- Plan
- Free
- Server limit
- 1
- Plan
- Premium
- Server limit
- 5
- Plan
- Business
- Server limit
- 50
- Plan
- Enterprise
- Server limit
- 50
Get Server
Return a detailed server configuration. Owners and sub-users with any access can read server details. Firewall objects are only included when the caller has firewall access.
/api/v3/servers/{serverId}Get server
Returns detailed settings and access context.
serverIdRequired- Location
- path
- Type
- string
API key permission: READ_SERVERS
{
"success": true,
"server": {
"name": "community",
"guildId": "123456789012345678",
"roleId": "987654321098765432",
"unverifiedRoleId": null,
"roleMode": 0,
"customBotId": 12,
"redirectUrl": null,
"vpncheck": true,
"blockAlts": false,
"blockWireless": false,
"passwordLocked": false,
"ipLogging": true,
"captcha": true,
"additionalPullServers": [],
"discovery": []
},
"access": {
"isOwner": true,
"permissions": []
},
"botInfo": {
"id": 12,
"clientId": "555555555555555555"
}
}The exact get-server response includes many settings and media URLs assembled by local helpers. Treat the example as representative and rely on field presence checks for dashboard-only settings.
Update Server
Patch server settings. The validation schema is intentionally broad because the dashboard uses this route for identity, branding, security, feature flags, discovery, permission entries, firewall shortcut actions, and additional pull servers.
/api/v3/servers/{serverId}Update server
Update any supplied server settings.
serverIdRequired- Location
- path
- Type
- string
nameOptional- Location
- body
- Type
- string
guildIdOptional- Location
- body
- Type
- string
roleIdOptional- Location
- body
- Type
- string
descriptionOptional- Location
- body
- Type
- string | null
redirectUrlOptional- Location
- body
- Type
- string | null
vpncheckOptional- Location
- body
- Type
- boolean
blockAltsOptional- Location
- body
- Type
- boolean
blockWirelessOptional- Location
- body
- Type
- boolean
passwordLockedOptional- Location
- body
- Type
- boolean
ipLoggingOptional- Location
- body
- Type
- boolean
captchaOptional- Location
- body
- Type
- boolean
minAccountAgeOptional- Location
- body
- Type
- number | null
roleModeOptional- Location
- body
- Type
- number
unverifiedRoleIdOptional- Location
- body
- Type
- string | null
additionalPullServersOptional- Location
- body
- Type
- array
pictureOptional- Location
- body
- Type
- string
backgroundOptional- Location
- body
- Type
- string
bannerOptional- Location
- body
- Type
- string
permissionOptional- Location
- body
- Type
- object
firewallRuleOptional- Location
- body
- Type
- object
firewallPasswordOptional- Location
- body
- Type
- object
API key permission: WRITE_SERVERS and, for firewall shortcut updates with API keys, SERVER_FIREWALL.
{
"description": "Main community verification",
"vpncheck": true,
"captcha": true,
"minAccountAge": 7
}{
"success": true,
"message": "Server settings updated successfully.",
"server": {
"name": "community",
"guildId": "123456789012345678",
"roleId": "987654321098765432",
"description": "Main community verification",
"vpncheck": true,
"captcha": true,
"minAccountAge": 7
}
}Update Gates
- Field/action
guildId,roleId- Gate
- Owner only.
- Field/action
background,banner- Gate
- Business or Enterprise.
- Field/action
additionalPullServers- Gate
- Owner only and Business or Enterprise.
- Field/action
- Firewall shortcut objects
- Gate
SERVER_FIREWALLwhen using API key auth.
- Field/action
autoAddMember/ additional pull servers- Gate
- Require
guilds.joinOAuth scope in source.
Delete Server
Delete a server and associated members, firewall data, auth tokens, permissions, migrations, discovery records, feedback, and related rows. Active migrations block deletion.
/api/v3/servers/{serverId}Delete server
Permanently delete one owned server configuration and associated data.
serverIdRequired- Location
- path
- Type
- string
API key permission: WRITE_SERVERS
{
"success": true,
"message": "Server deleted successfully."
}Permission Helpers
These helpers are used by the dashboard for server permission entries.
/api/v3/servers/{serverId}/permissionsGet permission entries
Return server permission entries.
serverIdRequired- Location
- path
- Type
- string
/api/v3/servers/{serverId}/permissionsSet permission entry
Create or update permissions for a Discord user or role id.
serverIdRequired- Location
- path
- Type
- string
typeRequired- Location
- body
- Type
- string
idRequired- Location
- body
- Type
- string
permissionsRequired- Location
- body
- Type
- string[]
/api/v3/servers/{serverId}/permissionsDelete permission entry
Remove permissions for a Discord user or role id.
serverIdRequired- Location
- path
- Type
- string
typeRequired- Location
- body
- Type
- string
idRequired- Location
- body
- Type
- string
Public and Setup Helpers
These routes exist locally but are not general server-management API endpoints.
- Endpoint
GET /api/v3/servers/lookup?id={guildIdOrName}- Auth
- Public
- Purpose
- Looks up a public verification target by id or name. Returns only data needed by public flows.
- Endpoint
POST /api/v3/servers/{serverId}/validate- Auth
- Public/session flow
- Purpose
- Validates a password for a password-locked server and may create a short password session.
- Endpoint
POST /api/v3/servers/verify-ownership/checkandPOST /api/v3/servers/verify-ownership/generate-url- Auth
- Authenticated account
- Purpose
- Ownership verification setup helpers present in local routes.
- Endpoint
DELETE /api/v3/servers/analytics/cache- Auth
- Authenticated/internal
- Purpose
- Analytics cache helper present in local routes; not documented as a public integration endpoint.
Use the dedicated API reference pages for members, migrations, snapshots, firewall, and webhooks. Those server-scoped features live under server paths but have their own contracts.
Status and Errors
- Status/code
200- When it appears
- Successful read, update, delete, helper, or no-data response.
- Status/code
201- When it appears
- Server created.
- Status/code
400 MISSING_FIELD- When it appears
- Required create, permission, or password-validation field missing.
- Status/code
400 INVALID_INPUT/VALIDATION_ERROR- When it appears
- Bad Discord id, server name, URL, role mode, OAuth payload, or update schema.
- Status/code
401 UNAUTHORIZED- When it appears
- Missing auth or invalid configured bot token in helper routes.
- Status/code
403 FORBIDDEN/INSUFFICIENT_PERMISSIONS- When it appears
- Missing API key permission, missing sub-user permission, owner-only field mutation, plan-gated field, or Discord permission failure.
- Status/code
404 NOT_FOUND- When it appears
- Server, bot, guild, role, or helper resource not found or inaccessible.
- Status/code
409 DUPLICATE_RESOURCE- When it appears
- Duplicate server name, guild id, or role id.
- Status/code
409 RESOURCE_IN_USE- When it appears
- Deleting a server with active migrations.
- Status/code
429 RATE_LIMITED- When it appears
- Password validation or helper rate limits.
- Status/code
502 EXTERNAL_SERVICE_ERROR- When it appears
- Discord or bot-service failure while fetching helper data.
- Use internal RestoreCord server ids in
{serverId}path params; useguildIdonly where a body or query field explicitly asks for a Discord guild id. - Use dedicated firewall endpoints instead of the PATCH server firewall shortcut objects for new integrations.
- Handle warnings from channel/role helper routes; some Discord failures return successful empty lists with a warning to support manual entry in the dashboard.