apitoken: use CAUTION for token-only-once-visible note

[pve-docs.git] / pveum.adoc

diff --git a/pveum.adoc b/pveum.adoc
index 317f030616e9139417fe875ecb9693334f5b73d2..690dac322aef4e9d2bfae1b698f10141b66313bc 100644 (file)
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -79,11 +79,11 @@ much shorter access control list which is easier to handle.
 API Tokens
 ~~~~~~~~~~
 
-API tokens allow stateless access to most parts of the REST API by 
-another system, software or API client. Tokens can be generated for 
-individual users and can be given separate permissions and expiration 
-dates to limit the scope and duration of the access. Should the API 
-token get compromised it can be revoked without disabling the user itself.
+API tokens allow stateless access to most parts of the REST API by another
+system, software or API client. Tokens can be generated for individual users
+and can be given separate permissions and expiration dates to limit the scope
+and duration of the access. Should the API token get compromised it can be
+revoked without disabling the user itself.
 
 API tokens come in two basic types:
 
@@ -93,8 +93,8 @@ API tokens come in two basic types:
 * full privileges: the token permissions are identical to that of the
   associated user.
 
-WARNING: The token value is only displayed/returned once when the token is
-generated. It cannot be retrieved over the API at a later time!
+CAUTION: The token value is only displayed/returned once when the token is
+generated. It cannot be retrieved again over the API at a later time!
 
 To use an API token, set the HTTP header 'Authorization' to the displayed value
 of the form `PVEAPIToken=USER@REALM!TOKENID=UUID` when making API requests, or