Closed donlent closed 1 day ago
Are you using SAML2 for your authentication? We found an issue using app tokens with that enabled but it typically would present as a different error. That said, I can't actually reproduce this either. 😂
PS C:\Users\adamr> New-PSUVariable -Name 'Test2' -Value $Credential -AppToken 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9uYW1lIjoiYWRtaW4iLCJodHRwOi8vc2NoZW1hcy54bWxzb2FwLm9yZy93cy8yMDA1LzA1L2lkZW50aXR5L2NsYWltcy9oYXNoIjoiMGJiODMwZTgtYWUzMi00NTk0LTljODctMDNhOThmMjg5NWM0Iiwic3ViIjoiUG93ZXJTaGVsbFVuaXZlcnNhbCIsImh0dHA6Ly9zY2hlbWFzLm1pY3Jvc29mdC5jb20vd3MvMjAwOC8wNi9pZGVudGl0eS9jbGFpbXMvcm9sZSI6IkFkbWluaXN0cmF0b3IiLCJuYmYiOjE3MjYyNDUxNTAsImV4cCI6MTcyODgzNzE1MCwiaXNzIjoiSXJvbm1hblNvZnR3YXJlIiwiYXVkIjoiUG93ZXJTaGVsbFVuaXZlcnNhbCJ9.efjdueY2vpxOrmoCLKngpj2qz8_Lfb1LcqIWrTMz-0Q' -Vault Database -ComputerName http://localhost:5000
Id : 3
Name : Test2
Value :
UserName :
Password :
Secret : True
Vault : Database
Type : PSCredential
Description :
LOL... I'm feeling quite a bit stupid today... 🤣 No, we're using standard form based auth for now. The user logs in with his user (non-admin obviously) and should be able to create PSCredential Variables with an Apptoken that has the permissions to do that.
Let me try that as well and I'll report back. Here as well, latest on Monday. :-)
Thanks for your patience and as always your will to help!
Hey @adamdriscoll OK that was a dumb one... 😅 The issue was related to having specified just -ComputerName "$env:COMPUTERNAME"
This seems to work if you're not using -AppToken. Otherwise the Commandlet expects a webaddress like http://localhost:5000
So I'll keep the issue open for you in case you want to fix that in your code that it behaves the same, otherwise feel free to close the issue. For me it's clear now and therefore there's no action needed on this one.
Ps. You could also put an example in the docs on how to do it and like that you could leave it as it is... ;-) Up to you.
Thanks, Don
Glad you have it working on your end. That said, you should be able to use the computer name. It just creates a URL like http://{ComputerName}:5000 locally. If you need to specify a port or something, then you would need a URL. I played around with it a bit and couldn't cause it to fail so there may still be an issue here but I'll close this for now and we can re-evaluate if it crops up again.
Version
5.0.6
Severity
High
Environment
msi
Steps to Reproduce
Sorry but no matter how I try, it just doesn't work as expected or documented:
It will always result in a 401 error because he tries to create the Variable with the logged-on user in PSU and not using the AppToken.
Expected behavior
Actual behavior
Additional Environment data
No response
Screenshots/Animations
No response