Signed-off-by: Hannes Duerr <[email protected]> --- pveum.adoc | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/pveum.adoc b/pveum.adoc index 25e10ef..6219363 100644 --- a/pveum.adoc +++ b/pveum.adoc @@ -87,11 +87,15 @@ much more maintainable access control list. API Tokens ---------- -API tokens allow stateless access to most parts of the REST API from another -system, software or API client. Tokens can be generated for individual users -and can be given separate permissions and expiration dates to limit the scope -and duration of the access. Should the API token get compromised, it can be -revoked without disabling the user itself. +API tokens allow stateless access to most parts of the REST API from +another system, software, or API client. Exceptions are endpoints that +provide access to the VM or System console. These endpoints require +user privileges and can not be accessed via API token. +Tokens can be generated for individual users and can be given separate +permissions and expiration dates to limit the scope and duration of +the access. Should the API token get compromised, it can be revoked +without disabling the user itself. + API tokens come in two basic types: -- 2.47.3
