API Signer: Troubleshooting
Following are a few issues that might present themselves while you work wih API Signer, with workarounds:
Error: User is not authorized – failed to fetch refresh token
Are you seeing output like this?
Post "https://api.fordefi.com/api/v1/logs": oauth2: cannot fetch token: 401 Unauthorized
Response: {"title":"User is not authorized","detail":"failed to authorize api signer","request_id":"fe17407d-2372-9baf-85e6-447dfeb1b919"}This error usually indicates a stale or misconfigured API Signer setup.
To resolve the issue, remove the existing Signer — including its Docker volume and configuration — and perform a fresh setup. Here are the steps to perform:
Check which Docker volume the Signer is using (default is
vol):docker volume lsRemove the volume:
docker volume rm <volume_name>Delete the old Docker config file:
rm ~/.docker/config.jsonRemove the API Signer from the Fordefi web console:
Navigate to Settings > API Signer in the Fordefi web console and delete the existing Signer.
Set up a new API Signer:
- Follow the instructions here:
Set up an API Signer - Then, provision it with your API User’s public key:
Pair an API Client with the API Signer
- Follow the instructions here:
I can't find an option to register my API User’s public key in the app
You need to choose the Register API user key option in the API Signer container’s menu, not in the Fordefi app. The menu options are shown like this:
========================================
========= API-Signer Main Menu =========
========================================
Use the arrow keys to navigate: ↓ ↑ → ←
? API-Signer is provisioned. What do you want to do?:
▸ Run signer
Register API user key
Show API users
Remove API user key
↓ Configure signerImportant:
- Remove the PEM headers and footers (
-----BEGIN PUBLIC KEY-----, etc.) - Paste the key in one, single line, with no line breaks.
For example:
Given the following public.pem:
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEii6P6JR/ipUUwD8mQ/0/rPcKHDbi
rwEiV0rtXqKL+Ol+S376J43os7c4c/TQn8YPzVtQZbbFstV5nMdBzNB75w==
-----END PUBLIC KEY-----You should just provide the following, making sure there's no line break:
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEii6P6JR/ipUUwD8mQ/0/rPcKHDbirwEiV0rtXqKL+Ol+S376J43os7c4c/TQn8YPzVtQZbbFstV5nMdBzNB75w==How do I update my API Signer?
To upgrade your Signer to the latest version:
- Stop the API Signer container that is currently running.
- Log in to Fordefi’s Artifactory and pull the latest image:
docker login -u fordefi fordefi.jfrog.io- Ask Fordefi support for the password, if needed.
docker pull fordefi.jfrog.io/fordefi/api-signer:latest- Restart the API Signer container.