Issue with API authentication - 401 Unauthorized

[Host_User]

I'm having an issue authentication my API calls with my Proxmox instance. I looked through the Proxmox VE API Authentication wiki however I'm having trouble progressing through the 401 Unauthorized error.

If I try to hit the API via

curl -k -d 'username=root@pam' --data-urlencode 'password=xxxxxxxxx' https://XX.XX.XX.XX:8006/api2/json/access/ticket

I receive a 401 Unauthorized with body:

{"data":null}

My username is set to root@pam and my password is set to the UUID secret copied from the Proxmox UI.

To create the API token, I went to Datacenter --> pve, then Permissions --> API Tokens. I clicked add and created:
- User: root@pam
- Token ID: arbitrary token identifier
- Privilege Separation: unchecked

On the Proxmox host (v7.4-19):

# /var/log/pveproxy/access.log
"POST /api2/json/access/ticket HTTP/1.1" 401 13

# /var/log/syslog
pve pvedaemon[1670]: authentication failure; rhost=::ffff:XX.XX.XX.XX user=root@pam msg=Authentication failure

Is there anything obvious that is incorrect in my workflow, or are there recommended next steps for debugging the 401 Unauthorized error?

 

[dcsapak]

hi,

if i understood you correctly, you want to use your created api token, for that please see: https://pve.proxmox.com/wiki/Proxmox_VE_API#API_Tokens

if you use an api token, you don't have to generate a ticket, but simply include the token+secret in every request in the authorization header

 

[Host_User]

That cleared it up, thank you!

I was incorrectly using the API token to create a ticket and thus was getting the 401 Unauthorized response. I can confirm I am able to get a 200 OK now when using the `Authorization` header with my API token instead.

For those using the Proxmoxer Python library, the corresponding client instantiation method is defined here:
https://proxmoxer.github.io/docs/latest/authentication/#api-token