Proxmox API questions about user data

gkovacs

Let's say my username is "pveuser@pve". If I query ACCESS/USERS, I get all the user data I'm allowed to see, including my own, but ACCESS/USERS/PVEUSER@PVE gives a 403 Forbidden error.

The problem is that I can't GET (or POST) ACCESS/USERS/PVEUSER@PVE to read (or write) my own data unless I have the User.Modify role. But if I have this role, I can query (and edit) all other users' data as well.

I don't understand this design decision, so my questions are:
1. Why can't users query their own data (without any extra permissions) under the endpoint including their own userID (and why doesn't ACCESS/USERS give a 403 Forbidden to a user without User.Modify)?
2. Why can't users edit / write their own data (like an email address) without the way-too-powerful User.Modify role?
 
