Skip to main content

PROX000 - Proxmox Authentication Failed

Agent error code #PROX000 indicates that Proxmox VE rejected the API token provided by the agent. The cluster returned HTTP 401 (Unauthorized).

This error is distinct from authorization failures (#PROX001), which occur when the token is valid but lacks the required privileges. Error #PROX000 means the token identifier or secret itself was not accepted.

Common causes include:

  • The token ID or secret in the Knocknoc backend has a typo or trailing whitespace
  • The token secret was lost (Proxmox displays it only once) and a stale value is configured
  • The token was deleted or revoked on Proxmox
  • The user the token belongs to has been disabled
  • The token's Expire date has passed

Steps to Resolve

Verify the Token in Knocknoc

  1. In the Knocknoc admin interface, navigate to the backend configuration for the affected Proxmox Knoc
  2. Confirm the API Token ID is in the form USER@REALM!TOKENID (e.g. knocknoc@pve!agent)
  3. Re-enter the API Token Secret. Save the configuration and wait for the next grant operation

For more details, see the Proxmox setup guide.

Verify the Token on Proxmox

  1. Log into the Proxmox web UI
  2. Navigate to Datacenter > Permissions > API Tokens
  3. Confirm an entry exists matching the token ID configured in Knocknoc
  4. Confirm the Expire column is empty or in the future

Regenerate the Token

If the existing token cannot be verified or is no longer working:

  1. In the Proxmox web UI, navigate to Datacenter > Permissions > API Tokens
  2. Remove the existing token and click Add to create a fresh one for the same user and token ID
  3. Copy the new secret (Proxmox shows it only once)
  4. Update the API Token Secret in the Knocknoc backend configuration

Still Having Issues?

We can help you out, contact us at [email protected].