Getting started
Setup guide
Follow these steps to connect PVE Guard to your Proxmox VE cluster.
1) Create an API token in Proxmox
- Log in to your Proxmox web UI.
- Go to Datacenter โ Permissions โ API Tokens.
- Click Add and select a user (e.g.
root@pam). - Choose a Token ID (e.g.
pveguard). - Uncheck "Privilege Separation" if you want full access.
- Click Add and copy the token value โ it is only shown once.
Important: Copy the full token value immediately. Proxmox will not show it again after closing the dialog.
Expected result: You have a token in the format
root@pam!pveguard=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.
2) Add the cluster in PVE Guard
- Open PVE Guard on your iPhone.
- Tap Add Server.
- Enter the Proxmox host URL (e.g.
https://192.168.1.100:8006). - Enter your API Token ID (e.g.
root@pam!pveguard). - Enter the Token Secret.
- Tap Connect.
Expected result: PVE Guard connects and shows your cluster dashboard with nodes, VMs, and containers.
3) Self-signed certificates
Proxmox uses self-signed certificates by default. PVE Guard will ask you to trust the certificate on first connection.
If you see a certificate error, see Troubleshooting.
4) Permissions
For full functionality (start/stop VMs, view all nodes), the API token needs sufficient permissions. Using root@pam with "Privilege Separation" unchecked gives full access.
For read-only monitoring, you can create a dedicated user with the PVEAuditor role.
Note: With a restricted token, some features (e.g. VM actions, console) may not be available.