[pve-devel] [RFC 12/23] API: add API token API endpoints

Thomas Lamprecht t.lamprecht at proxmox.com
Tue Oct 22 15:32:59 CEST 2019


On 10/22/19 3:22 PM, Fabian Grünbichler wrote:
> On October 22, 2019 1:44 pm, Tim Marx wrote:
>> Do we really want a enable/disable property?
>> Wouldn't it be enough to delete the token?
> 
> there's a difference though. I might have configured the token on X 
> systems, but want to temporarily disable it. since the actual token 
> value is generated on creation by the server, if I need to delete the 
> token to disable it I then have to re-configure all clients with the new 
> token after (re-)creation..
> 

In which usage scenario does above make sense?

Either the token is there and usable or not, a temporary disable does
not makes much sense, or? I mean, just don't start the services that
will use it. And if the trust is gone it won't come ever back again for
a token.





More information about the pve-devel mailing list