* [PATCH pve-docs] api token: mention that guest/sys console cannot be accessed by an API token.
@ 2026-02-27 10:26 Hannes Duerr
0 siblings, 0 replies; only message in thread
From: Hannes Duerr @ 2026-02-27 10:26 UTC (permalink / raw)
To: pve-devel
Signed-off-by: Hannes Duerr <h.duerr@proxmox.com>
---
pveum.adoc | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/pveum.adoc b/pveum.adoc
index 25e10ef..6219363 100644
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -87,11 +87,15 @@ much more maintainable access control list.
API Tokens
----------
-API tokens allow stateless access to most parts of the REST API from another
-system, software or API client. Tokens can be generated for individual users
-and can be given separate permissions and expiration dates to limit the scope
-and duration of the access. Should the API token get compromised, it can be
-revoked without disabling the user itself.
+API tokens allow stateless access to most parts of the REST API from
+another system, software, or API client. Exceptions are endpoints that
+provide access to the VM or System console. These endpoints require
+user privileges and can not be accessed via API token.
+Tokens can be generated for individual users and can be given separate
+permissions and expiration dates to limit the scope and duration of
+the access. Should the API token get compromised, it can be revoked
+without disabling the user itself.
+
API tokens come in two basic types:
--
2.47.3
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-02-27 10:25 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-02-27 10:26 [PATCH pve-docs] api token: mention that guest/sys console cannot be accessed by an API token Hannes Duerr
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox