How to use without the UI?

evan.sikorski · 30 September 2020 14:46

In order to meet unique security requirements, we are looking at disabling/removing the UI from anyone but an admin accessing.

However I cannot find a way to do any user/password actions without using the UI.

How does a user create/mange API keys without the UI? Or is this simply not possible?

d0ugal · 30 September 2020 15:08

You can create API keys with the following CLI command

maas apikey --username $USERNAME

Then login with

maas login $PROFILE $URL $API_KEY

There is a bit about this in the maas-cli docs.

evan.sikorski · 30 September 2020 18:12

This only allows you to create additional API keys, correct?

You still have to have a single valid API key for that user ine the first place, yes?

If the user deletes the API key without realizing it is the last one, are they not locked out?

evan.sikorski · 1 October 2020 19:46

We found undocumented solutions through the codebase.

According to code in apikey.py we can have MAAS CLI generate the token for another user, which solves our problem with managing tokens for users who may not have a valid token anymore

According to code in helpers.py#L256 we can authenticate and automatically create a token if no token is found, which solves our problem with if a user deletes their last token

system · 3 October 2020 19:46

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.