I am getting this error while trying to login to the rancher CLI using the bearer token. The command I use is this:
./rancher login https://<SERVER_URL> --token <BEARER_TOKEN>
I am creating the token using the Add Key button on the rancher UI and scoping the generated tokens to the cluster I want to manage.
This is the complete error message:
FATA[0002] Bad response statusCode [401]. Status [401 Unauthorized]. Body: [message=clusterID does not match]
Any ideas? Thanks...
I think I found the solution. While creating the token you should not select any cluster scope.
I found it.
It will not work if a scope is selected when adding an API Key.
--
Cluster-scoped token's primary intended use is for communicating with the kubernetes API for a specific cluster. It also works for Rancher api calls that fall under the cluster endopint. This means a token scoped to cluster c-1234 will work for everything under /v3/clusters/c-1234. The problem is that the cli currently makes calls that are outside of that scope endpoint (directly under /v3).
ref: https://github.com/rancher/rancher/issues/18639
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With