How to access admin auth token and API key?

[brylie]

The documentation states:

To find the admin auth token for your admin account, login the web admin tool, and choose “My Account” under the top right gear menu. On that page, you should see your “Admin API Token” listed. Use this in conjunction with your normal API key to make requests to the admin APIs.

However, when following those instructions from a superuser account, I do not see an auth token on the "My Account" page.

How do I access my auth token and admin API key?

[darylrobbins]

I am guessing you created the admin account in question using the api-umbrella.yml initial_superusers functionality?

@GUI It appears that this feature does not assign an authorization token to the admins that it creates, so there is none to be displayed in the admin console. I suspect this is a bug. When the admin console was enhanced to add this functionality, the router wasn't updated accordingly to generate an authorization token for these users when they are created via this path.

In any case, in the mean time, if you create a new admin user from the web console, they will be assigned an authorization key. Unfortunately, you can't delete and recreate your admin users without resorting to the mongo shell and Rails console.

[brylie]

@darylrobbins yes, I created my superuser via the yaml configuration file.

@GUI is there a way to generate the authorization token(s) for the existing superusers?

I don't want to set up a new email account, since we are using third party authentication sources.

[darylrobbins]

Unfortunately, the only way to rectify the issue at the moment is through the backend. You are going to have to connect using Mongo shell to your MongoDB.

1. Install mongo and apg (automatic password generator) using your favorite package manager
2. Use apg to generate as many authentication tokens as you require for the admins in your organization: apg -a 1 -M NCL -m 40 -x 40 -n 1
3. You require a unique authentication token for each admin user
4. Connect to Mongo using the Mongo shell: mongo <server>:<port>/<database> -u <user> -p. Port is likely 27000. Fill in the blanks. You will then be prompted for your password.
5. Update your users: db.admins.update({username: "<admin email>"}, { $set: {authentication_token: '<password from apg>'}})

Good luck!

Correction: My original post had an error in step 5, the collection is named admins, not admin_users. This has now been corrected above. Sorry for the inconvenience.

[GUI]

This does sound like a bug for admin accounts created via the initial_superusers config. Sorry about that, but thanks for pointing this out! I'll try to look into this issue this week.

[brylie]

@GUI any status update on this issue?

[jykae]

I would also like to know what is the situation with this?

Getting started with Admin API should be easier. Where I find admin user & password for mongo client after Umbrella 0.8.0.deb install? Or should authentication be configured for mongo after installation?

[jykae]

Ok. Looks like there's no authentication initially so mongo <server>:<port>/<database> is enough to get in with mongo client. Generating & setting auth_token also worked, and brought instantly auth_token visible for my admin profile.
@GUI However would be great if this could be generated automatically for "initial_superusers" :)

[brylie]

@GUI, any status update? We are still not able to get the auth token for the first Superuser account. Will this be fixed in an upcoming release?

[GUI]

Ah, sorry for dropping the ball on this! I had fixed this while visiting in September: NREL/api-umbrella-router@fa10065 But it looks like there were actually two issues for this (#95), and I didn't see this one to update.

So this will be part of the next package release, which I'm hoping to finally get pushed out soon (I'm aiming for this weekend, but it might be 1-2 weeks).

[brylie]

@GUI, any status update on the 0.9 release? Our new developers are still struggling with this bug.

[GUI]

Sorry about that. I believe we should have new packages published tomorrow.

[GUI]

I've discovered that #192 (comment) is still an issue in the new stack. Since that impacts initial installations, I'd really like to get that fixed before releasing the new stable packages. That unfortunately means it's going to push the new package release out a couple more days. Sorry! I'll aim to get something release Friday, but apologies for the delays!

[GUI]

v0.9 was released Friday, which should solve this issue.