401:Unauthorized - API Token is missing or invalid; please supply a valid token

[rowansmithau]

So I initially thought this was possibly caused by some db schema issues I had, however I've worked through those and validate.php comes back 100% now. I've uninstalled/reinstalled the iOS app, regenerated tokens, tried inputting by scanning QR code and typing manually, however every time I try and login once i've added the connection I get the error mentioned in the post title.

The following also (expectedly) appears in /opt/librenms/logs/access_log, but nothing is logged in librenms.log or error_log in relation to the failure

x.x.x.x - - [23/Apr/2017:11:44:22 +1000] "GET /api-access/ HTTP/1.1" 200 29586 "https://nms.externalhost.com/api-access/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36"

The only perhaps non standard configuration that may be a cause is that I am using AD (LDAP) to login to LibreNMS, would that be an issue?

[rowansmithau]

update: I changed the login method back to mysql, logged in with a sql user, created an API token and verified i was then able to login with the app. Without removing the token i switched the login method back to AD and that straight away broke the mobile app, so looks like it's because I'm using LDAP for auth

[laf]

You say ldap and ad in the same sentence. Which with method are you using?

[rowansmithau]

cat /opt/librenms/config.php | grep active $config['auth_mechanism'] = "active_directory"; # default, other options: ldap, http-auth

[laf]

Do you have a bind account setup? This is needed for api tokens to work so we can lookup the user.

[laf]

p.s None of this is an issue for myLibreNMS so you should really post on the librenms community forum or irc.

[rowansmithau]

Yes, I have auth_ad_binduser configured. Doing the LDAP testing after making the post has validated that it's not really a mobile client issue, yes, so I will close it