Not able to login to Kubernetes dashboard using token with service account

Question

I've installed the Kubernetes dashboard, and created a service account user with the appropriate permissions, however logging in with a token fails for some reason.

I see the following logs:

2018/08/17 14:26:06 [2018-08-17T14:26:06Z] Incoming HTTP/2.0 GET /api/v1/csrftoken/login request from 10.244.0.0:34914: {}
2018/08/17 14:26:06 [2018-08-17T14:26:06Z] Outcoming response to 10.244.0.0:34914 with 200 status code
2018/08/17 14:26:06 [2018-08-17T14:26:06Z] Incoming HTTP/2.0 POST /api/v1/login request from 10.244.0.0:34914: {
  "kubeConfig": "",
  "password": "",
  "token": "ZXlKaGJHY2lPaUpTVXpJMU5pSXNJbXRwWkNJNklpSjkuZXlKcGMzTWlPaUpyZFdKbGNtNWxkR1Z6TDNObGNuWnBZMlZoWTJOdmRXNTBJaXdpYTNWaVpYSnVaWFJsY3k1cGJ5OXpaWEoyYVdObFlXTmpiM1Z1ZEM5dVlXMWxjM0JoWTJVaU9pSnJkV0psTFhONWMzUmxiU0lzSW10MVltVnlibVYwWlhNdWFXOHZjMlZ5ZG1salpXRmpZMjkxYm5RdmMyVmpjbVYwTG01aGJXVWlPaUpoWkcxcGJpMTFjMlZ5TFhSdmEyVnVMV2RrZG5oM0lpd2lhM1ZpWlhKdVpYUmxjeTVwYnk5elpYSjJhV05sWVdOamIzVnVkQzl6WlhKMmFXTmxMV0ZqWTI5MWJuUXVibUZ0WlNJNkltRmtiV2x1TFhWelpYSWlMQ0pyZFdKbGNtNWxkR1Z6TG1sdkwzTmxjblpwWTJWaFkyTnZkVzUwTDNObGNuWnBZMlV0WVdOamIzVnVkQzUxYVdRaU9pSmtaVEF4TnpRNU15MWhNakE0TFRFeFpUZ3RPRGxrWmkwd09EQXdNamRoTURobFpHTWlMQ0p6ZFdJaU9pSnplWE4wWlcwNmMyVnlkbWxqWldGalkyOTFiblE2YTNWaVpTMXplWE4wWlcwNllXUnRhVzR0ZFhObGNpSjkucHhfMDEwUTBYU2tPMmNhVi1ZYlRDYlllSTNVMVlmcGh3UFZ4TXBOYmF6dWpSM1gtOGVBTUZmbm1GNHlYWHFZWGw5eWlVYmRvQ3lBSl9YcHF5bTlLQThRaWx6MFU3eWZ1WV9BbUg4NmtDNE9hYW5aem1xSmp2N3ZObDY1MU1OeWF0dU5nR0JmU21GZXRCMnoxUkdYRmlIVF9UczljMjh1ZkZiSXNZNkRMVml4Y2JhUS0za2JxOW9PbzZ3NV8zc3ZRQ3dmNjNiTVNaSEpzdkgyUndwVkhkbFJnM3Rmbl9RRUxGcWtJYzZycERibFlUbXZJcVdVaWJjQVdHcXhDRVR6NU5vUGlnbndMaVpuVi1lZFpKZDRpbUJZNU5Ia3FLM0Q0TDgyTnp1NzJkUVU3M3B4T3F5Q3FVSlNhQ3IyVU52eVVucHRENTZTemdtSTBaM0JqUVkyTjFB",
  "username": ""
}
2018/08/17 14:26:06 Non-critical error occurred during resource retrieval: the server has asked for the client to provide credentials
2018/08/17 14:26:06 [2018-08-17T14:26:06Z] Outcoming response to 10.244.0.0:34914 with 200 status code
2018/08/17 14:26:24 Metric client health check failed: the server could not find the requested resource (get services heapster). Retrying in 30 seconds.

Kubernetes version:

kubectl version                                               
Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.7", GitCommit:"dd5e1a2978fd0b97d9b78e1564398aeea7e7fe92", GitTreeState:"clean", BuildDate:"2018-04-19T00:05:56Z", GoVersion:"go1.9.3", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"11", GitVersion:"v1.11.2", GitCommit:"bb9ffb1654d4a729bb4cec18ff088eacc153c239", GitTreeState:"clean", BuildDate:"2018-08-07T23:08:19Z", GoVersion:"go1.10.3", Compiler:"gc", Platform:"linux/amd64"}

Answer 1

As floreks wrote on GitHub :

NOTE: Dashboard should not be exposed publicly over HTTP. For domains accessed over HTTP it will not be possible to sign in. Nothing will happen after clicking Sign in button on login page.

Also, as chrissound wrote:

I've worked around this by giving cluster admin permission to the dashboard user and just clicking 'skip' at the login prompt:

apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard
  labels:
    k8s-app: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: kubernetes-dashboard
  namespace: kube-system