[PR #108] [MERGED] Allow token authentication #235

New issue

Closed

opened 2026-02-28 00:41:19 +03:00 by kerem · 0 comments

kerem commented

2026-02-28 00:41:19 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/Telmate/proxmox-api-go/pull/108
Author: @mraerino
Created: 3/20/2021
Status: ✅ Merged
Merged: 3/20/2021
Merged by: @ggongaware

Base: master ← Head: feat/api-token-auth

📝 Commits (1)

1d41b50 Allow token authentication

📊 Changes

2 files changed (+21 additions, -1 deletions)

View changed files

📝 proxmox/client.go (+12 -0)
📝 proxmox/session.go (+9 -1)

📄 Description

Proxmox allows people to create API tokens with limited privileges that can be rotated without deleting a user account. It is usually useful for giving automated systems specific access to parts of the Proxmox API, e.g. a single VM resource pool.

API tokens allow stateless access to most parts of the REST API by another system, software or API client. Tokens can be generated for individual users and can be given separate permissions and expiration dates to limit the scope and duration of the access. Should the API token get compromised it can be revoked without disabling the user itself.
https://pve.proxmox.com/wiki/User_Management#pveum_tokens

The current authentication flow used for the Proxmox client is not compatible though:

POST /api2/json/access/ticket
This API endpoint is not available for API tokens.
https://pve.proxmox.com/pve-docs/api-viewer/#/access/ticket (POST tab)

Instead the required auth flow for API tokens is described here:

To use an API token, set the HTTP header Authorization to the displayed value of the form PVEAPIToken=USER@REALM!TOKENID=UUID when making API requests
https://pve.proxmox.com/wiki/User_Management#pveum_tokens

Adds a new method SetAPIToken on the Client and Session to use this method.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/Telmate/proxmox-api-go/pull/108 **Author:** [@mraerino](https://github.com/mraerino) **Created:** 3/20/2021 **Status:** ✅ Merged **Merged:** 3/20/2021 **Merged by:** [@ggongaware](https://github.com/ggongaware) **Base:** `master` ← **Head:** `feat/api-token-auth` --- ### 📝 Commits (1) - [`1d41b50`](https://github.com/Telmate/proxmox-api-go/commit/1d41b505d7fc5f993d43583e3a157869ec93d4af) Allow token authentication ### 📊 Changes **2 files changed** (+21 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `proxmox/client.go` (+12 -0) 📝 `proxmox/session.go` (+9 -1) </details> ### 📄 Description Proxmox allows people to create API tokens with limited privileges that can be rotated without deleting a user account. It is usually useful for giving automated systems specific access to parts of the Proxmox API, e.g. a single VM resource pool. > API tokens allow stateless access to most parts of the REST API by another system, software or API client. Tokens can be generated for individual users and can be given separate permissions and expiration dates to limit the scope and duration of the access. Should the API token get compromised it can be revoked without disabling the user itself. > _https://pve.proxmox.com/wiki/User_Management#pveum_tokens_ The current authentication flow used for the Proxmox client is not compatible though: > `POST /api2/json/access/ticket` > This API endpoint is not available for API tokens. > _https://pve.proxmox.com/pve-docs/api-viewer/#/access/ticket (POST tab)_ Instead the required auth flow for API tokens is described here: > To use an API token, set the HTTP header Authorization to the displayed value of the form `PVEAPIToken=USER@REALM!TOKENID=UUID` when making API requests > _https://pve.proxmox.com/wiki/User_Management#pveum_tokens_ --- Adds a new method `SetAPIToken` on the `Client` and `Session` to use this method. _Related to https://github.com/hashicorp/packer/pull/10797_ --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>