[SOLVED] PBS 4 having problems with API tokens?

[tool666schism]

I know this issue is resolved however I wanted to include my findings. Mainly because I found this post useful to me in narrowing down my issue.

My setup and versioning:
PBS 4.1.4
LXC (docker) homepage v is 1.10.1

The curl command from @meyergru was helpful for me because I kept getting permission check failed. I kept running it after I made permissions changes in pbs.

The working combination for me was adding user permissions and api token permissions to BOTH my homepage user and my homepage api token. Using either the user or the api token does not work in my instance only with both.

View attachment 96364
View attachment 96365

Man.. I am still seriously struggling with getting this working. Even went so far as to give my user and token admin privileges on / and i'm still getting the same dang API Error: Unsupported service endpoint.

I'm at a loss here.

EDIT: Oh my fucking god, I fixed it.

My original YAML

    - Proxmox:
        icon: proxmox.svg
        href: "{{PBS_URL}"
        description: pbs
        ping: "{{PBS_URL}"
        widget:
            type: proxmoxbackupserver
            url: "{{PBS_URL}"
            username: "{{HOMEPAGE_VAR_PBS_USER}}"
            password: "{{HOMEPAGE_VAR_PBS_KEY}}"

Changed the name from -Proxmox: to -PBS: and the issue resolved.. I have no idea why this fixed it but holy shit that was driving me nuts.

 

[meyergru]

1. Of cousre, both the API token and associated user must have the privilege to use the desired services. The paradigm is to have a user with some privileges and be able to delegate these to a token that may have further restrictions.

2. You must get the syntax of the API URL right. One typo or ommission and it will not work. This is especially true because there are special characters which may have to be quoted correctly, according to the context.

3. Be careful with self-signed certificates when you use TLS. The client must trust the API endpoint's CA or have certificate checks turned off. You do not notive this as much with Proxmox itself, because your often can use the certificate fingerprint instead. I use my own CA, not the PVE self-provided certificates.