Unable to create API keys for an user using curl

Below is the curl command:

curl --header “Content-Type: application/json” --request POST --data ‘{“type”:“apikey”,“accountId”:“1a405”,“name”:“test”}’ http://IPADDRESS:PORT/v2-beta/apikey

Error:

{“id”:“a201401f-5d3f-43bd-a5c0-4ef651e406e6”,“type”:“error”,“links”:{},“actions”:{},“status”:401,“code”:“Unauthorized”,“message”:“Unauthorized”,“detail”:null,“baseType”:“error”}

I want to create API keys without giving auth as input. What is the error in this curl command.

Access control is always on. It would serve no purpose is anybody could request an API key without providing credentials first.

1 Like

Thanks for the info.

The initial account is admin / admin, so if you want to automate everything you can start with logging in with that, changing the password, and then generating an API key… Something like this (assuming the server is on localhost)

# Login token good for 1 minute
LOGINTOKEN=`curl -k -s 'https://127.0.0.1/v3-public/localProviders/local?action=login' -H 'content-type: application/json' --data-binary '{"username":"admin","password":"admin","ttl":60000}' | jq -r .token`

# Change password
curl -k -s 'https://127.0.0.1/v3/users?action=changepassword' -H 'Content-Type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"currentPassword":"admin","newPassword":"something better"}'

# Create API key good forever
APIKEY=`curl -k -s 'https://127.0.0.1/v3/token' -H 'Content-Type: application/json' -H "Authorization: Bearer $LOGINTOKEN" --data-binary '{"type":"token","description":"for scripts and stuff"}' | jq -r .token`
echo "API Key: ${APIKEY}"

# Set server-url
curl -k -s 'https://127.0.0.1/v3/settings/server-url' -H 'Content-Type: application/json' -H "Authorization: Bearer $APIKEY" -X PUT --data-binary '{"name":"server-url","value":"https://your-rancher.com/"}'

# Do whatever else you want
2 Likes

Thanks for your detailed response @vincent