Web Panel

The Rustmail web panel provides browser-based administration for managing tickets, configuration, and permissions.

Enabling the Panel

The panel is optional and requires OAuth2 configuration. See Configuration for setup instructions.

[bot]
enable_panel = true
client_id = 123456789012345678
client_secret = "your_oauth2_client_secret"
redirect_url = "https://panel.example.com/api/auth/callback"

Accessing the Panel

Default URL

The panel runs on port 3002:

Local: http://localhost:3002
Network: http://<server-ip>:3002

With Reverse Proxy

When using a reverse proxy with a custom domain:

https://panel.example.com

See Configuration for proxy setup.

Authentication

Click Login on the panel homepage
You are redirected to Discord’s OAuth2 authorization
Authorize the application
Discord redirects back to the panel
A session is created

Sessions persist across browser restarts. Click Logout to end your session.

Access Requirements

Panel access requires one of:

Being listed in panel_super_admin_users
Having a role listed in panel_super_admin_roles
Having been granted permissions through the panel

Panel Sections

Dashboard

The home view displays:

Bot status (online/offline)
Active ticket count
Quick statistics

Tickets

View and manage active tickets:

List of all open tickets
User information
Ticket creation time
Quick actions

Configuration

Modify bot settings without editing config.toml:

Change bot status/presence
Update welcome and close messages
Toggle features

Changes take effect immediately without restart.

API Keys

Manage API keys for external integrations:

Create new API keys
Set permissions per key
Revoke or delete keys
View last usage time

Administration

For super administrators:

Manage panel permissions
Grant access to users and roles
View audit information

Permission System

Super Administrators

Defined in config.toml:

[bot]
panel_super_admin_users = [123456789012345678]
panel_super_admin_roles = [987654321098765432]

Super administrators have:

Full panel access
Ability to grant permissions to others
Access to all tickets and settings

Granted Permissions

Super administrators can grant specific permissions to users or roles through the Administration section.

Available permissions:

View tickets
Manage tickets
View configuration
Edit configuration
Manage API keys

API Keys

API keys allow external applications to create tickets in Rustmail without going through the panel or Discord.

What Are API Keys For?

API keys provide access to the External API (/api/externals/* endpoints). Common use cases:

Website integration - Let users create support tickets from your website
Cross-platform support - Connect Rustmail to other support tools
Automation - Create tickets from scripts, forms, or other bots

API keys do not grant access to panel features (bot control, configuration, etc.). Those require logging in through the panel.

Creating a Key

Navigate to API Keys in the panel
Click Create New Key
Enter a descriptive name (e.g., “Website Contact Form”)
Optionally set an expiration date
Copy the generated key immediately (it won’t be shown again)

Using API Keys

Include the key in the X-API-Key header when calling external endpoints:

X-API-Key: rustmail_your_api_key_here

Example: Create a ticket from an external source

curl --request POST \
  --url 'https://panel.example.com/api/externals/tickets/create' \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: rustmail_350e97ec369e3b8afe133d1154d6eb8f...' \
  --data '{"discord_id": "123456789012345678"}'

See API Reference for all available external endpoints.