I have been trying to play with the SDN iPAM plugin for phpipam. The thing is it appears some of their API requirements have changed whereby they "suggest" using dynamic user authentication now and static authentication requires SSL on the phpiPAM server.
https://phpipam.net/api/api_documentation/
Section 2.1)
However, it also seems if you are using a Load balancer or reverse proxy in front that does not work to satisfy the SSL requirement either for the AP Token w/SSL to work
https://github.com/phpipam/phpipam/issues/4436
The current plugin simply asks for a URL and an App token, but the later versions have seeminly remove the non-SSL use of the apptoken in favor of a user token (Dynamic auth) where a token is generated each login.
These are now the only API App security options available as "none" seems to have been removed as well.
User token appears to be the nw preferred method but does not work with the current proxmox phpIPAM plugin as it will not change with the dynamic requirement it appears to assume the "app code" option which now as stated requires SSL (but not via reverse proxy)
It's gotten me into a bit of a loop with no way to get this to work and it seems the changes to phpiPAM might be solved with an update to the proxmox phpipam plugin itself.
I guess I am asking if there is any way to log this as an enhancement to the phpIPAM plugin to allow it to work with user tokens (non-SSL) due to some of these changes in the IPAM product itself? It seems the PVE plugin is now possibly dated in it's implementation with 1.7+ versions of phpIPAM
https://phpipam.net/api/api_documentation/
Section 2.1)
However, it also seems if you are using a Load balancer or reverse proxy in front that does not work to satisfy the SSL requirement either for the AP Token w/SSL to work
https://github.com/phpipam/phpipam/issues/4436
The current plugin simply asks for a URL and an App token, but the later versions have seeminly remove the non-SSL use of the apptoken in favor of a user token (Dynamic auth) where a token is generated each login.
These are now the only API App security options available as "none" seems to have been removed as well.
User token appears to be the nw preferred method but does not work with the current proxmox phpIPAM plugin as it will not change with the dynamic requirement it appears to assume the "app code" option which now as stated requires SSL (but not via reverse proxy)
It's gotten me into a bit of a loop with no way to get this to work and it seems the changes to phpiPAM might be solved with an update to the proxmox phpipam plugin itself.
I guess I am asking if there is any way to log this as an enhancement to the phpIPAM plugin to allow it to work with user tokens (non-SSL) due to some of these changes in the IPAM product itself? It seems the PVE plugin is now possibly dated in it's implementation with 1.7+ versions of phpIPAM