Title: [Enhancement/Bug] Native support for Proxmox API Tokens in apps::proxmox::ve::restapi::plugin
Description
Currently, the Proxmox REST API plugin seems to rely on session-based authentication (username, password, and realm) which triggers a request to the /access/ticket endpoint.
When using Proxmox API Tokens (required for environments where 2FA is enabled and mandatory), the plugin returns UNKNOWN: 401 authentication failure. API Tokens in Proxmox are stateless and do not support the ticket/cookie exchange.
Current Behavior
Using the following arguments results in a 401 error:
Bash
--api-username='user@pve!tokenid' --api-password='uuid-secret'
or
--api-username='user@pve' --api-password='tokenid=uuid-secret'
The plugin fails because it likely attempts to authenticate via the standard login flow instead of injecting the PVEAPIToken header.
Expected Behavior
The plugin should support a dedicated authentication type or recognize the API Token format to use the Authorization header directly.
Verified Working Example (curl)
The API Token itself is valid and works with the following manual request:
Bash
curl -k -H "Authorization: PVEAPIToken=user@pve!tokenid=uuid-secret"
https://<PROXMOX_HOST>:8006/api2/json/nodes
Proposed Change
Add a new option or update the existing logic to support API Tokens:
Option A: A new flag --auth-type=apitoken
Option B: Automatic detection if the username contains a ! and the realm is omitted.
Implementation: The plugin should then inject the header:
Authorization: PVEAPIToken=USER@REALM!TOKENID=SECRET
Environment
Plugin: apps::proxmox::ve::restapi::plugin
Proxmox Version: 9.1.5
Centreon Plugin Version: Global Version: 20260100 (5e6b4c7)
Title: [Enhancement/Bug] Native support for Proxmox API Tokens in apps::proxmox::ve::restapi::plugin
Description
Currently, the Proxmox REST API plugin seems to rely on session-based authentication (username, password, and realm) which triggers a request to the /access/ticket endpoint.
When using Proxmox API Tokens (required for environments where 2FA is enabled and mandatory), the plugin returns UNKNOWN: 401 authentication failure. API Tokens in Proxmox are stateless and do not support the ticket/cookie exchange.
Current Behavior
Using the following arguments results in a 401 error:
Bash
--api-username='user@pve!tokenid' --api-password='uuid-secret'
or
--api-username='user@pve' --api-password='tokenid=uuid-secret'
The plugin fails because it likely attempts to authenticate via the standard login flow instead of injecting the PVEAPIToken header.
Expected Behavior
The plugin should support a dedicated authentication type or recognize the API Token format to use the Authorization header directly.
Verified Working Example (curl)
The API Token itself is valid and works with the following manual request:
Bash
curl -k -H "Authorization: PVEAPIToken=user@pve!tokenid=uuid-secret"
https://<PROXMOX_HOST>:8006/api2/json/nodes
Proposed Change
Add a new option or update the existing logic to support API Tokens:
Option A: A new flag --auth-type=apitoken
Option B: Automatic detection if the username contains a ! and the realm is omitted.
Implementation: The plugin should then inject the header:
Authorization: PVEAPIToken=USER@REALM!TOKENID=SECRET
Environment
Plugin: apps::proxmox::ve::restapi::plugin
Proxmox Version: 9.1.5
Centreon Plugin Version: Global Version: 20260100 (5e6b4c7)