Validation using API Token authentication (with regex)

eviatars-chkp

Nov 18, 2024
Hey,

I am using the Proxmox VE API in my app, and I want to create a whitelist for fields related to authentication: Hostname, Username, Realm, Token-ID, and Secret.
I use regex to ensure only valid characters are inserted as part of the authentication. I have two questions:
  1. As far as I know, the realm can only be one of the following: “pam”, “pve”, “ldap”, “ad”, and “openid”. Am I right?
  2. Is the secret always a UUID?
Thanks
 
  1. As far as I know, the realm can only be one of the following: “pam”, “pve”, “ldap”, “ad”, and “openid”. Am I right?
The realm type can be one of those as of now, but we don't guarantee anywhere that this won't change in the future – e.g., a new realm type could be added.
Besides that, the realm ID itself can be named by the admin for custom realms; the ID must follow the regex [A-Za-z][A-Za-z0-9\.\-_]+ though. It's defined here: https://git.proxmox.com/?p=pve-acce...=44657865a7e54bba622c63cda6669cc2f2221d9f#l32

I'd advise using a generic regex to avoid too strict limitations that might hinder your users while not gaining much. Basically, one normally only wants to ensure that the app itself cannot be hijacked, but that is better solved with proper serialization and escaping of any user input, not frontend limitations. Albeit, for showing a hint in the app whether a field's value is valid or invalid it might be useful for UX, but IMO not that much; this is certainly subjective though.

Is the secret always a UUID?
Yes, and that quite probably won't change, but our implementation does not really depend on that, and (hypothetically) if it turns out there is some problem with the UUID variant we use, we might switch to something else; would quite probably happen on a major release though, and as said, is rather unlikely.

That said, we try hard to record all breaking changes to the API in a dedicated release notes section of major releases, so checking there for changes you might need to adapt your app to is always sensible.
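As an added example, not code from this thread or from Proxmox, here is a Python validator that applies the realm ID regex quoted in the reply and requires the secret to be a canonical UUID, while keeping the other fields to a generic character class as the reply suggests. The username, token ID and hostname patterns and the PVEAPIToken header form are my assumptions, not something this thread states.

```python
import re
import uuid

# Realm ID rule quoted in the reply above (pve-access-control). fullmatch() is
# used everywhere so the whole field must conform, not just a prefix.
REALM_ID_RE = re.compile(r"[A-Za-z][A-Za-z0-9\.\-_]+")
# Assumption (not from the thread): username and token ID get a deliberately
# generic character class, per the advice not to over-restrict user input.
GENERIC_ID_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9\.\-_]*")
# Assumption: DNS name or IPv4 literal with optional :port (no IPv6 literals).
HOSTNAME_RE = re.compile(r"[A-Za-z0-9\-\.]+(:[0-9]{1,5})?")
# Canonical 8-4-4-4-12 form. uuid.UUID() alone would also accept braces and
# undashed hex, which is looser than the secrets the API hands out.
UUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")

def is_uuid_secret(secret: str) -> bool:
    """True only for a UUID in canonical dashed form."""
    if not UUID_RE.fullmatch(secret):
        return False
    try:
        uuid.UUID(secret)
    except ValueError:
        return False
    return True

def validate_token_fields(hostname: str, username: str, realm: str,
                          token_id: str, secret: str) -> dict:
    """Per-field results so the app can flag exactly which input is wrong.
    The realm is checked against the ID grammar, not a fixed list of realm
    types: new types may be added and custom realms are admin-named."""
    return {
        "hostname": bool(HOSTNAME_RE.fullmatch(hostname)),
        "username": bool(GENERIC_ID_RE.fullmatch(username)),
        "realm": bool(REALM_ID_RE.fullmatch(realm)),
        "token_id": bool(GENERIC_ID_RE.fullmatch(token_id)),
        "secret": is_uuid_secret(secret),
    }

def build_auth_header(username: str, realm: str, token_id: str,
                      secret: str) -> str:
    """Authorization header value in PVEAPIToken form (assumed from the Proxmox
    API docs, not this thread). Refusing any non-conforming part keeps CR/LF
    and spaces out of the header value, since no pattern above allows them."""
    checks = validate_token_fields("localhost", username, realm, token_id, secret)
    bad = [name for name, ok in checks.items() if not ok]
    if bad:
        raise ValueError(f"invalid field(s): {', '.join(bad)}")
    return f"PVEAPIToken={username}@{realm}!{token_id}={secret}"
```

Keeping the per-field checks separate from the header builder lets the UI show a hint while the request path still refuses anything that would break the header structure.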
 
Great.
Of course, regex is one of my protection steps, and in case of changes I will update my validations accordingly.