[TUTORIAL] How To Get and use PVE Tickets

M

maomaocake

Member
Feb 13, 2022
47
5
13
22
So I had a project where I needed to login with username and password instead of a Token and I could not find any documentation. I spent around an hour looking thru the perl API (I do not code in perl so the syntax was totally alien to me) so I thought I would share it for other.

Firstly we will need at Ticket to access any other resources, to get a ticket we will send a POST request to
Code: 
http://{yourserver}:8006/api2/json/access/ticket
.
You will need to set the query parameters with your username, password, realm and otp if configured like so
Code: 
https://{server}:8006/api2/json/access/ticket?username={username}&password={password}&realm={pam}

After which you will get back a JSON containing a ticket and CSRFPreventionToken, we will set these 2 parameters as a header.
The CSRFPreventionToken uses the Header name CSRFPreventionToken and the ticket uses the header name cookie, however the ticket needs to be pre-pended with PVEAuthCookie= before being sent.

Congrats You now can use logins with your username and password.
 
I had the same problem. The documentation can be clearer and make less assumptions about the reader's knowledge.
 
Last edited:
@maomaocake One comment about using query parameters: since this is in the URL, it may end up in logs (not where you want a username/password combo). I would recommend putting the key/value pairs in an application/json encoded body or application/x-www-form-urlencoded body instead. Then the user's credentails are less likely to be logged somewhere.

Code: 
POST /api2/json/access/ticket HTTP/1.1
Content-Type: application/json; charset=utf-8
Host: example.com:8006
Connection: close
Content-Length: 49

{"username":"apiuser@pve","password":"testtest"}
 
Last edited:
You must log in or register to reply here.
Top Bottom