Following are a few issues that might present themselves while you work wih API Signer, with workarounds:
Are you seeing output like this?
Post "https://api.fordefi.com/api/v1/logs": oauth2: cannot fetch token: 401 Unauthorized
Response: {"title":"User is not authorized","detail":"failed to authorize api signer","request_id":"fe17407d-2372-9baf-85e6-447dfeb1b919"}This error usually indicates a stale or misconfigured API Signer setup.
To resolve the issue, remove the existing Signer — including its Docker volume and configuration — and perform a fresh setup. Here are the steps to perform:
Check which Docker volume the Signer is using (default is
vol):docker volume lsRemove the volume:
docker volume rm <volume_name>Delete the old Docker config file:
rm ~/.docker/config.jsonRemove the API Signer from the Fordefi web console:
Navigate to Settings > API Signer in the Fordefi web console and delete the existing Signer.
Set up a new API Signer:
- Follow the instructions here:
Set up an API Signer - Then, provision it with your API User’s public key:
Pair an API Client with the API Signer
- Follow the instructions here:
You need to choose the Register API user key option in the API Signer container’s menu, not in the Fordefi app. The menu options are shown like this:
========================================
========= API-Signer Main Menu =========
========================================
Use the arrow keys to navigate: ↓ ↑ → ←
? API-Signer is provisioned. What do you want to do?:
▸ Run signer
Register API user key
Show API users
Remove API user key
↓ Configure signerImportant:
- Remove the PEM headers and footers (
-----BEGIN PUBLIC KEY-----, etc.) - Paste the key in one, single line, with no line breaks.
For example:
Given the following public.pem:
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEii6P6JR/ipUUwD8mQ/0/rPcKHDbi
rwEiV0rtXqKL+Ol+S376J43os7c4c/TQn8YPzVtQZbbFstV5nMdBzNB75w==
-----END PUBLIC KEY-----You should just provide the following, making sure there's no line break:
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEii6P6JR/ipUUwD8mQ/0/rPcKHDbirwEiV0rtXqKL+Ol+S376J43os7c4c/TQn8YPzVtQZbbFstV5nMdBzNB75w==To upgrade your Signer to the latest version:
- Stop the API Signer container that is currently running.
- Log in to Fordefi’s Artifactory and pull the latest image:
docker login -u fordefi fordefi.jfrog.io- Ask Fordefi support for the password, if needed.
docker pull fordefi.jfrog.io/fordefi/api-signer:latest- Restart the API Signer container.