proxpanel/API.md

API Documentation (Core)

Base URL: http://<host>:8080

Health

• GET /api/health

Auth

• POST /api/auth/login
  • Body: { "email": "user@example.com", "password": "..." }
  • Returns: { token, refresh_token, user }
• POST /api/auth/refresh
  • Body: { "refresh_token": "..." }
  • Returns: { token, refresh_token }
• GET /api/auth/me (Bearer token)

Proxmox Operations

• POST /api/proxmox/sync
• POST /api/proxmox/vms/:id/actions/:action
• POST /api/proxmox/vms/:id/migrate
• PATCH /api/proxmox/vms/:id/config
• PATCH /api/proxmox/vms/:id/network
• POST /api/proxmox/vms/:id/disks
• POST /api/proxmox/vms/:id/reinstall
• GET /api/proxmox/vms/:id/console
• GET /api/proxmox/vms/:id/usage-graphs?timeframe=hour|day|week|month|year
• GET /api/proxmox/nodes/:id/usage-graphs?timeframe=hour|day|week|month|year
• GET /api/proxmox/cluster/usage-graphs?timeframe=hour|day|week|month|year

Resources API

Generic secured resource endpoints:

• GET /api/resources/:resource
• GET /api/resources/:resource/:id
• POST /api/resources/:resource
• PATCH /api/resources/:resource/:id
• DELETE /api/resources/:resource/:id

Tenant scope protections are enforced for tenant-scoped resources.

Client Area

• GET /api/client/overview
• GET /api/client/usage-trends
• GET /api/client/machines
• POST /api/client/machines
• PATCH /api/client/machines/:vmId/resources
• POST /api/client/machines/:vmId/power-schedules
• POST /api/client/machines/:vmId/backup-schedules
• GET /api/client/firewall/rules
• POST /api/client/firewall/rules
• PATCH /api/client/firewall/rules/:id
• DELETE /api/client/firewall/rules/:id

Monitoring

• GET /api/monitoring/overview
• GET /api/monitoring/health-checks
• POST /api/monitoring/health-checks
• GET /api/monitoring/alerts/events
• GET /api/monitoring/insights/faulty-deployments
• GET /api/monitoring/insights/cluster-forecast

Rate Limiting

• Global API rate limiting is enabled.
• Auth endpoints use stricter limits.
• When exceeded, API returns HTTP 429.