@fbartels it's true! didn't see it
Perhaps it will be good to mention it in the API docs:
Thanks very much for the help, anyway...
This means that, if you want to make a script that calls this API in an automatic way, you must store somewhere the actual password of a real Cloudron user in plain text.
I wish it were possible to create an application API Key from some place in the cloudron panel, and use it to authenticate calls, as it's done in many other similar APIs.