Title
#fleet
o

oneiroi

09/27/2022, 3:55 PM
Hi All, I'm working on a script to populate policies from existing queries, however when I am sending a POST to https://fleet.fqdn.tld/api/v1/fleet/global/policies following this documentation despite setting the "Authorization: Bearer $TOKEN" header, I keep seeing a 401 Authentication required response , Any ideas what I may be doing wrong ?
Kathy Satterlee

Kathy Satterlee

09/27/2022, 4:01 PM
Testing myself just to see what happens!
4:09 PM
Never hurts to check... everything worked fine for me. It could be that the variable isn't set up properly. How are you sending the request?
o

oneiroi

09/27/2022, 4:15 PM
python requests:
...
    fleetURL = "<https://fleet.FQDN.tld>"
    policyURI = "/api/v1/fleet/global/policies"
    fleet_token = os.getenv("FLEET_TOKEN")
    if not fleet_token:
        getpass("Please enter your FLEET API token:")
    headers = {"Authorization":"Bearer "+fleet_token}
    req = <http://requests.post|requests.post>(fleetURL + policyURI, json=payload, headers=headers)
...
payload for example is built out as follows:
{
  "name": "audit_gatekeeper_disabled",
  "query": "SELECT 1 as compliant WHERE NOT EXISTS (SELECT assessments_enabled AS compliant FROM gatekeeper where compliant !=1);",
  "description": "FleetDM audit check policy foraudit_gatekeeper_disabled",
  "resolution": "Please contact #it-helpdesk on slack for assistance",
  "platform": "darwin"
}
Kathy Satterlee

Kathy Satterlee

09/27/2022, 4:20 PM
What happens if you directly copy/paste your token rather than using the variable?
4:20 PM
(Just for testing purposes)
o

oneiroi

09/27/2022, 4:22 PM
Same response when sending a POST
4:24 PM
🤦‍♂️ p.e.b.k.a.c seems my API token changed and I was not using the latest one
Kathy Satterlee

Kathy Satterlee

09/27/2022, 4:25 PM
Ah! I should have included "fetch your API token again to make sure it's current" to that step. Filing that away for the future 🙂
4:27 PM
It looks like this is something you'll be running on demand rather than on a scheduled basis, so you might want to consider adding a login to the flow.
Benjamin Edwards

Benjamin Edwards

09/27/2022, 4:35 PM
Create API only user IMO. Then token doesn't expire.