Proxmox API Authentication to create VM

silenzer

New Member
May 31, 2023
13
0
1
Hello everyone! I'm currently developing a web application using Python requests to create VMs on Proxmox. In the POST request, I include the necessary parameters such as vmid and node, along with some optional parameters. However, I'm encountering a 401 status code when running the code, indicating an authentication issue.

To address this problem, I've attempted to include the username and password in the request data, and the CSRF token and ticket in the request headers. Despite my efforts, I haven't been successful in resolving the issue. I'm wondering if anyone has specific knowledge about the authentication parameters required for this task. Any assistance would be greatly appreciated. Thank you for your support!
 
You can create an API Token via the WebUI by navigating to Datacenter > Permissions > API Tokens > Add. Make sure to setup the user the token will be associated with beforehand (if you don't want to use root@pam).
 
  • Like
Reactions: silenzer
you will have to add an Authorization header with the format PVEAPIToken=USER@REALM!TOKENID=UUID instead of the PVEAuthCookie and CSRFPreventionToken. Also your Content-Type should be application/json.
 
Ah okay thank you. So it should look something like this?
View attachment 51833
(The PVEAPIToken is fake)
No, the header key is Authorization, the value is PVEAPIToken=USER@REALM!TOKENID=UUID, so like this
Code:
'Authorization': 'PVEAPIToken=USER@REALM!TOKENID=UUID'
 
I am really sorry to bother you but did you mean it like this:
1687184595385.png
(Is this the correct format for Authorization)
 
I am really sorry to bother you but did you mean it like this:
View attachment 51834
(Is this the correct format for Authorization)
No, as shown in the example above, your value must include the PVEAPIToken= prefix.

A minimal curl example for listing all nodes might look something like this:
Code:
curl -k -H 'Content-Type: application/json' -H 'Authorization: PVEAPIToken=root@pam!testtoken=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx' https://localhost:8006/api2/json/nodes
 
I am really thankful for your help.

I changed it as I understood it, although it still doesn't work.

1687242738590.png
 
Make sure the token id and token value are correct. What response do you get? Does the user/token has the required ACL permissions to perform the desired API requests?

Edit: Also, try with a basic curl example, only when you are sure the token works and can perform the actions implement it in the programming language of your choice.
 
Last edited:
I have only received one API Token, which follows this format: api@pve!FZ917gBxpdpdji. I'm wondering if there should be a different format for the token or if there is another token like a secret token. Unfortunately, I'm still encountering the 401 Error Code.

I attempted to use the curl command, but it doesn't seem to be working. This suggests that the token might be something else, but I'm uncertain about what it should be. When I execute the curl command for the domain, I receive the source code for the website. However, when I include the path components like /api2/json/nodes, I encounter the following error:
Code:
curl: (3) URL using bad/illegal format or missing URL
 
The token header must definitely look something like this, otherwise you copied the wrong secret value
Code:
Authorization: PVEAPIToken=testuser@pve!testtoken=xxxxxxxx-xxxx-xxxxx-xxxx-xxxxxxxxxxxx
 
Last edited:
I found it thank you very much.

Now the 401 Error is replaced by the 501 error. Do you know what the cause could be?
 
501 might indicate that you use the wrong method type for your request, e.g. POST instead of GET...
 
I tried with curl and GET Requet and it worked with 200 but when I try the POST Request I get the 501 error Code.
I found this question:
https://github.com/swayf/proxmoxer/issues/23 where the problem was with the path/url from the request but in my case its exactly like the Proxmox API Documentation:
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/qemu.
Code:
response_post = requests.post("https://test.com:8006/api2/json/nodes/test/qemu", data=data_creation, headers=vm_create_headers, verify=False)
 
I tried with curl and GET Requet and it worked with 200 but when I try the POST Request I get the 501 error Code.
I found this question:
https://github.com/swayf/proxmoxer/issues/23 where the problem was with the path/url from the request but in my case its exactly like the Proxmox API Documentation:
https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/qemu.
Code:
response_post = requests.post("https://test.com:8006/api2/json/nodes/test/qemu", data=data_creation, headers=vm_create_headers, verify=False)
Did you test the POST call also via curl or via your code? Maybe your parameters are not okay? Although I would not expect a 501 error code in that case. Also, make sure your payload is valid JSON
 
Did you test the POST call also via curl or via your code? Maybe your parameters are not okay? Although I would not expect a 501 error code in that case. Also, make sure your payload is valid JSON
I tried with curl and via code.

The parameters for the request are data=payload and headers=header and verify=False in the payload I only chose parameters from the documentation.

1687942858814.png

When I do a GET instead of a POST Request I get an empty json fot his path:
api2/json/nodes/xyz/qemu
but if I add the vmid I get data:
api2/json/nodes/xyz/qemu/103/status/current
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!