# API Signer: Troubleshooting Following are a few issues that might present themselves while you work wih API Signer, with workarounds: ### Error: User is not authorized – failed to fetch refresh token Are you seeing output like this? ```bash Post "https://api.fordefi.com/api/v1/logs": oauth2: cannot fetch token: 401 Unauthorized Response: {"title":"User is not authorized","detail":"failed to authorize api signer","request_id":"fe17407d-2372-9baf-85e6-447dfeb1b919"} ``` This error usually indicates a stale or misconfigured API Signer setup. To resolve the issue, remove the existing Signer — including its Docker volume and configuration — and perform a fresh setup. Here are the steps to perform: 1. Check which Docker volume the Signer is using (default is `vol`): ```bash docker volume ls ``` 2. Remove the volume: ```bash docker volume rm ``` 3. Delete the old Docker config file: ```bash rm ~/.docker/config.json ``` 4. Remove the API Signer from the Fordefi web console: Navigate to **Settings > API Signer** in the Fordefi web console and delete the existing Signer. 5. Set up a new API Signer: - Follow the instructions here: [Set up an API Signer](https://docs.fordefi.com/developers/getting-started/set-up-an-api-signer) - Then, provision it with your API User’s public key: [Pair an API Client with the API Signer](https://docs.fordefi.com/developers/getting-started/pair-an-api-client-with-the-api-signer) ### I can't find an option to register my API User’s public key in the app You need to choose the Register API User key option in the API Signer container’s menu, not in the Fordefi app. The menu options are shown like this: ```bash ======================================== ========= API-Signer Main Menu ========= ======================================== Use the arrow keys to navigate: ↓ ↑ → ← ? API-Signer is provisioned. What do you want to do?: ▸ Run signer Register API user key Show API users Remove API user key ↓ Configure signer ``` **Important:** - Remove the PEM headers and footers (`-----BEGIN PUBLIC KEY-----`, etc.) - Paste the key in one, single line, with no line breaks. **For example:** Given the following `public.pem`: ```text -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEii6P6JR/ipUUwD8mQ/0/rPcKHDbi rwEiV0rtXqKL+Ol+S376J43os7c4c/TQn8YPzVtQZbbFstV5nMdBzNB75w== -----END PUBLIC KEY----- ``` You should just provide the following, making sure there's no line break: ```text MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEii6P6JR/ipUUwD8mQ/0/rPcKHDbirwEiV0rtXqKL+Ol+S376J43os7c4c/TQn8YPzVtQZbbFstV5nMdBzNB75w== ``` ### How do I update my API Signer? To upgrade your Signer to the latest version: 1. Stop the API Signer container that is currently running. 2. Log in to Fordefi’s Artifactory and pull the latest image: ```bash docker login -u fordefi fordefi.jfrog.io ``` Retrieve your password by clicking: **Settings** > **API Signer**, then click **View Docker Credentials**. ```bash docker pull fordefi.jfrog.io/fordefi/api-signer:latest ``` 3. Restart the API Signer container. ### How do I check the version of my API Signer and update it? 1. Call this endpoint, which returns the latest versioned image: ```bash curl -s -u username:password "https://fordefi.jfrog.io/artifactory/api/docker/fordefi/v2/api-signer/tags/list" | jq -r '.tags[]' | grep "^v" | sort -V | tail -1 ``` 2. Pull and install that specific version: ```bash docker pull --platform linux/amd64 fordefi.jfrog.io/fordefi/api-signer:v0.105.39` ``` 3. Run the command in step 1 from time to time to check if a later version is available.