API - Add user to VM as Administrator

[Miguel Alfaiate]

Hello.

I am trying to integrate Proxmox API into a PHP based tool we have, and I have been able to create a virtual machine, start it up and create a user.

I want to add the created user to the created VM as an administrator of that machine.

$fields = array(
'user' => "{$username}@pve",
'role' => "Administrator",
'path' => "/qemu/{$vmID}"
);


$vmCreationURL = $this->proxmoxHost . "access/acl";

$response = $this->makeRequest($vmCreationURL, $fields);


The make request function makes a post request using curl, it's the same function I use to make the request for creating a VM or starting it up, as well as creating a user. It handles token addition to the request and other stuff such as parsing the response.

Just as an example, this is the logic for creating a new user:

$fields = array(
'userid' => "{$username}@pve",
'password' => $password
);


$vmCreationURL = $this->proxmoxHost . "access/users";

$response = $this->makeRequest($vmCreationURL, $fields);

Exactly the same formate, just the endpoint changes.

When I do the request to that acl endpoint, I get the following error:


POST value: user=user26%40pve&role=Administrator&path=%2Fqemu%2F10055

Request sent to https://[MY HOST]/api2/json/access/acl

HTTP code: 501
Response header HTTP/1.1 501 Method 'POST /access/acl' not implemented
Cache-Control: max-age=0
Connection: close
Date: Tue, 19 Mar 2019 17:26:42 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Content-Length: 13
Content-Type: application/json;charset=UTF-8
Expires: Tue, 19 Mar 2019 17:26:42 GMT

Response Body {"data":null}


Is this the correct URL to post that information to? Am I using the wrong URL, wrong parameters or what am I missing?

Thank you.

 

[dietmar]

The path parameter seems to be wrong (use "/vms/{vmid}")

https://pve.proxmox.com/wiki/User_Management

 

[Miguel Alfaiate]

I forgot to mention, but I did already try that before.

I tried using both "vms/10055" and "qemu/10055".


Nonetheless, bear in mind that the error seems to point to a different problem, which is the endpoint either not existing or not accepting post requests. Am I using the wrong endpoint?

POST value: user=user26%40pve&role=Administrator&path=%2Fvms%2F10055
Request sent to https://[MY HOST]/api2/json/access/acl
HTTP code: 501
Response header HTTP/1.1 501 Method 'POST /access/acl' not implemented
Cache-Control: max-age=0
Connection: close
Date: Wed, 20 Mar 2019 12:06:06 GMT
Pragma: no-cache
Server: pve-api-daemon/3.0
Content-Length: 13
Content-Type: application/json;charset=UTF-8
Expires: Wed, 20 Mar 2019 12:06:06 GMT


Response Body {"data":null}
Response:

 

[dietmar]

The Path is correct, but the method should be PUT instead of POST.

https://pve.proxmox.com/pve-docs/api-viewer/

 

[Miguel Alfaiate]

Thank you very much!

That API viewer is a life saver!

I have searched for that several times and did not find anything. Have been getting things to work by trial and error, based on some wiki info and such...

 

[zerocrazy]

Hello!
I am trying to find the same way to add a user to a VM through the API but I can't find the way... could you help me by sharing the code or some example please? Thank you

 

[Moayad]

Hi,

With API you need to see this API Viewer [0] the easy way to do that with POSTMAN tool or Burp Suite

Go to: https://localhost:8006/api2/extjs/access/users
Make the Request as POST method then give parameters like

userid=NAME@pam&groups=Administraotrs&expire=0&enable=1&firstname=FIRSTNAME&lastname=LASTNAME&email=USER@EXAMPLE.com&comment=&keys=

If you need to use API with another programming language here [1]


[0] https://pve.proxmox.com/pve-docs/api-viewer/index.html#/access/users
[1] https://pve.proxmox.com/wiki/Proxmox_VE_API

Hope that helps!

 

[zerocrazy]

In the end I made the code like this:

#Create user in node
$allNodes = $proxmox->create('/access/users', [
        'enable' => '1',
        'firstname' => 'ejemplo',
        'expire' => '0',
        'userid' => 'ejemplouser@pve',
        'groups' => 'customer',
        'password' => 'ejemplo123'
    ]);

#Assign user to VM
$allNodes = $proxmox->set('/access/acl', [
        'path' => '/vms/{vmid}',
        'users' => '{user}@{realm}',
        'roles' => 'Administrator'
    ]);

Everything works correctly for me. The bad thing now is that I don't know how to validate a VNC session with an account (without having to log in through the proxmox panel)