You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When I log in using BOSH_CLIENT and BOSH_CLIENT_SECRET set to the username/password of a bosh user, I get 401's from the UAA when trying to run commands like bosh vms.
However, using the same credentials, I'm able to authenticate successfully via an interactive bosh login (with no client/client_secret set). Looking at the UAA logs, in the first case, it is unable to find the user, but in the second case it is happy with it.
This appears to be related to the value of BOSH_CLIENT being a user, rather than a client in the UAA's perspective.
Can the login procedure for non-interactive be updated to match that of the interactive mode, so credentials used in one would work for the other?
The text was updated successfully, but these errors were encountered:
@geofffranks BOSH_CLIENT/SECRET are used with uaa clients (oauth client credential grant). interactive login uses regular uaa users (oauth password grant). regular uaa user login may include sso type questions send from uaa, so it cannot be done consistently in non-interactive mode, hence non-interactive mode only allows uaa clients.
When I log in using BOSH_CLIENT and BOSH_CLIENT_SECRET set to the username/password of a bosh user, I get 401's from the UAA when trying to run commands like
bosh vms
.However, using the same credentials, I'm able to authenticate successfully via an interactive
bosh login
(with no client/client_secret set). Looking at the UAA logs, in the first case, it is unable to find the user, but in the second case it is happy with it.This appears to be related to the value of BOSH_CLIENT being a user, rather than a client in the UAA's perspective.
Can the login procedure for non-interactive be updated to match that of the interactive mode, so credentials used in one would work for the other?
The text was updated successfully, but these errors were encountered: