Retrieve the daemon's ephemeral password (Unix socket only)
const url = 'http://localhost:9477/api/local/credentials';const options = {method: 'GET'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request GET \ --url http://localhost:9477/api/local/credentialsReturns the in-memory ephemeral password to a local CLI/TUI client arriving on the Unix socket. Always 403 over TCP — even with a valid JWT. Always 404 when the daemon is configured with RUNWISP_PASSWORD.
Responses
Section titled “ Responses ”OK
object
A URL to the JSON Schema for this object.
Always true on success — the endpoint refuses to return env-var-supplied passwords.
Ephemeral password generated in memory at boot. Omitted unless ephemeral=true.
Example
{ "$schema": "http://localhost:9477/schemas/LocalCredentialsBody.json"}Headers
Section titled “Headers ”default
Section titled “default ”Error
object
A URL to the JSON Schema for this object.
A human-readable explanation specific to this occurrence of the problem.
Optional list of individual error details
object
Where the error occurred, e.g. ‘body.items[3].tags’ or ‘path.thing-id’
Error message text
The value at the given location
A URI reference that identifies the specific occurrence of the problem.
HTTP status code
A short, human-readable summary of the problem type. This value should not change between occurrences of the error.
A URI reference to human-readable documentation for the error.
Example
{ "$schema": "http://localhost:9477/schemas/ErrorModel.json", "detail": "Property foo is required but is missing.", "instance": "https://example.com/error-log/abc123", "status": 400, "title": "Bad Request", "type": "about:blank"}