OCM, ROSA CLI: Tokens expiring and will require CLI tool update

Solution Verified - Updated -

Environment

  • OCM Command line interface client application < 0.1.60
  • ROSA Command line interface client application < 1.1.3

Issue

  • Users running older versions of the OCM CLI and/or ROSA CLI tools will need to update to newer versions to accomodate backend API changes in order to authenticate.

    • Bearer tokens for OCM CLI and ROSA CLI tools expire today and require a binary update if older
    • Upon updating, new tokens will be required for authentication
  • Error messages are shown when executing ocm or rosa commands:

    OCM auth: failed to get tokens, got http code 200, will not attempt to retry. err: expected 'bearer' token type but got 'Bearer
    
    level=error msg="Can't get tokens, got HTTP code 200, will not retry: expected 'bearer' token type but got 'Bearer"
    E: Failed to create OCM connection: error creating connection. Not able to get authentication token
    

Resolution

Update OCM CLI

Update ROSA CLI

Acquire a new token

Root Cause

Backend authentication mechanisms for these tools have been updated for additional security and capabilities. These updates necessitate the expiry/logout of older tokens and deprecation of older CLI binaries.

Diagnostic Steps

When interacting with OCM CLI or ROSA CLI, users will encounter the following errors:

OCM CLI
$ ocm login
[...]
OCM auth: failed to get tokens, got http code 200, will not attempt to retry. err: expected 'bearer' token type but got 'Bearer
ROSA CLI
$ rosa init
[...]
level=error msg="Can't get tokens, got HTTP code 200, will not retry: expected 'bearer' token type but got 'Bearer"
E: Failed to create OCM connection: error creating connection. Not able to get authentication token

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments