Scott Blake
03/09/2022, 2:08 PMfleetctl get ...
commands.Noah Talerman
03/09/2022, 2:35 PMfleetctl
commands.
API-only users do not have permissions to access the Fleet UI.Scott Blake
03/09/2022, 2:50 PMfleetctl config set --token
and it complains that I need to login.Noah Talerman
03/09/2022, 3:15 PMthen doThis is unexpected. Sorry that you’re experiencing this issue. If you’re able to, can you please include theand it complains that I need to login.fleetctl config set --token
fleetctl config
command you ran and the output in this thread (withholding any tokens/credentials) ? This way the Fleet team can attempt to reproduce the issue.
The documentation is a bit lacking in this area.Agreed. I filed an issue to improve the docs here: https://github.com/fleetdm/fleet/issues/4533
fleetctl login
command and enter the “API-only” user’s credentials when prompted.
Then, after successful login, you can run fleetctl get
commands.Scott Blake
03/09/2022, 3:19 PMforce_password_reset
is true
. I figure that's why the session is invalid. I just deleted and re-created my api-only user and that flag is still true.Noah Talerman
03/09/2022, 4:20 PMI noticed thatAh, got it. This is not an ideal experience when creating an “API-only” user via CLI because, currently, the only way to trigger this password reset (and setisforce_password_reset
true
force_password_reset
to false
is by logging in via the UI.Scott Blake
03/09/2022, 4:44 PMNoah Talerman
03/09/2022, 10:02 PM