[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: service account for rest api



Hi Julio,

the following works for me:
# oc new-project project1
# oc create serviceaccount inciga -n project1
# oc policy add-role-to-user admin system:serviceaccounts:project1:inciga -n project1
# curl -k -H "Authorization: Bearer $(oc sa get-token inciga -n project1)"  -H "Content-Type: application/json" https://192.168.42.199:8443/api/v1/namespaces/project1/replicationcontrollers

Regards,

Frédéric

On Thu, Oct 19, 2017 at 4:58 PM, Julio Saura <jsaura hiberus com> wrote:
yes ofc

oc create serviceaccount icinga -n project1

oadm policy add-cluster-role-to-user admin system:serviceaccounts:project1:icinga

oadm policy reconcile-cluster-roles —confirm

and then dump the token

oc serviceaccounts get-token icing


ty frederic!

i do login with curl but i get 

{
  "kind": "Status",
  "apiVersion": "v1",
  "metadata": {},
  "status": "Failure",
  "message": "User \"system:serviceaccount:project1:icinga\" cannot list replicationcontrollers in project \”project1\"",
  "reason": "Forbidden",
  "details": {
    "kind": "replicationcontrollers"
  },
  "code": 403
}





El 19 oct 2017, a las 16:55, Frederic Giloux <fgiloux redhat com> escribió:

Hi Julio, 

Could you copy the commands you have used?

Regards, 

Frédéric 

On 19 Oct 2017 11:43, "Julio Saura" <jsaura hiberus com> wrote:
Hello

i am trying to create a sa for accessing rest api with token ..

i have followed the doc steps

creating the account, applying admin role to that account and getting the token

trying to access replicacioncontroller info with bearer in curl, i can auth into but i get i have no permission to list rc on the project

i also did a reconciliate role on cluster

i also logged in with oc login passing token as parameter, i log in but it says i have no projects ..

what else i am missing?

ty



_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users




--
Frédéric Giloux
Senior Middleware Consultant
Red Hat Germany
________________________________________________________________________
Red Hat GmbH, http://www.de.redhat.com/ Sitz: Grasbrunn,
Handelsregister: Amtsgericht München, HRB 153243
Geschäftsführer: Paul Argiry, Charles Cachera, Michael Cunningham, Michael O'Neill

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]