Hi All, I'm working on a script to populate policies from existing queries, however when I am sending a POST to https://fleet.fqdn.tld/api/v1/fleet/global/policies following this documentation despite setting the "Authorization: Bearer $TOKEN" header, I keep seeing a 401 Authentication required response , Any ideas what I may be doing wrong ?

Testing myself just to see what happens!

python requests:

...
    fleetURL = "<https://fleet.FQDN.tld>"
    policyURI = "/api/v1/fleet/global/policies"
    fleet_token = os.getenv("FLEET_TOKEN")
    if not fleet_token:
        getpass("Please enter your FLEET API token:")
    headers = {"Authorization":"Bearer "+fleet_token}
    req = <http://requests.post|requests.post>(fleetURL + policyURI, json=payload, headers=headers)
...

payload for example is built out as follows:

{
  "name": "audit_gatekeeper_disabled",
  "query": "SELECT 1 as compliant WHERE NOT EXISTS (SELECT assessments_enabled AS compliant FROM gatekeeper where compliant !=1);",
  "description": "FleetDM audit check policy foraudit_gatekeeper_disabled",
  "resolution": "Please contact #it-helpdesk on slack for assistance",
  "platform": "darwin"
}

What happens if you directly copy/paste your token rather than using the variable?

Same response when sending a POST

Ah! I should have included "fetch your API token again to make sure it's current" to that step. Filing that away for the future 🙂

Create API only user IMO. Then token doesn't expire.