one request: for those devices behind a router at home it would be nice to change the rest api port to a āonly rest api portā. at the moment the api uses the port on which the gui is also available right? I would not like to forward the the GUI port and set a password on my devices in my private network only to make the api available for the āoutsideāā¦
Why? Everything you can do with the GUI, you can do with the REST API (and vice versa). Why restrict one, but not the other?
because for the api I need a key for accessing it. but I donāt want to add a password for the gui in my private home-net (which I will need to setup if I forward the port) 
No, you do not need an API key to access the REST API if you donāt have a password on the GUI.
wot?
Was it clearer the second time? 
yes 
but I donāt get the point why. my case: I donāt want to enter user&pw everytime Iāll have a look on syncthing and making my ui public. I just need to use the api (secured by a key)
You could always run Syncthing through a proxy layer, e.g. sit it behind nginx. Then do evil stuff like get nginx to specify the username+password when it forwards connectionsā¦
if I was a technical minded maybeā¦ but what about emily b. from a.?
imho the api and the gui are completely different features for completely different usecases. (see above) Iād like to build up a online-syncthing management Platform which I could run 24/7 on a server. for that purpose I ONLY need the api and not the Guiā¦
Whoevever she is, she probably isnāt writing a client which uses the REST API, so it isnāt an issue for her .
The GUI and REST API do the same thing. They are covered by the same authentication mechanisms.
Besides, you should really be using SyncTrayzor, which handles the GUI authentication without you having to input anything.
but she is able to run syncthing on her home devicesā¦
yes sure but why āopeningā the Gui if I only need the api and vice versa?
also remote devices?
ā¦and Syncthing will listen on 127.0.0.1, and no-one else will be able to connect to it. Therefore she wonāt need a password. Therefore everything is fine.
It is ONLY when you want to connect to Syncthing from another machine that you need to mess around with passwords, and āemily b. from a.ā wonāt be doing this, so this entire discussion is completely irrelevant for her.
Thatās not English, and I donāt understand it.
You misunderstand. With SyncTrayor you can set a GUI password, and youāll never have to type it into anywhere.
Iām not really following the stuff above, but the GUI is only a thin layer on top of the API. Basically the GUI is just the API + some static files. If you donāt load those static files, thereās no cost to the GUI. So disabling the GUI and keeping the API doesnāt make much sense to me.
okā¦ maybe you misunderstoodā¦ my plan is to build up a little platform to manage all my (not emilys) devices remote from one place. for that purpose I need the api - and only the api. I would not like to setup a GUI password only to use the api for remote access via forwarded portā¦
He wants:
- The GUI to be only accessible to localhost, no password
- The REST API to be accessible from anywhere, and require an API key
I understand all of that. Now please read what I said.
I did - and it doesnāt makes it better 
I think you did not get my intents 
my idea is to use my local GUI without setting up a pw, syntrayzor or any other stuff. Iām fine with it like it is! why installing nginx, synctrayzor or other stuff?
I just thought of forwaring a port up to use the api 
Well it obviously isnāt fine the way it is, otherwise you wouldnāt be asking for things
harharā¦ 
Iām serious though. Youāve got a problem. Iām suggesting solutions. Then you come back with āIām fine like it is! I donāt need solutionsā.
If youāve got a problem, why donāt you need a solution to it?