How can I set the access token for the admin api?

I’m playing around with dgraph in our cluster and launched the helm chart.

When I try to hit the /admin api to push a schema, I get:

{"errors":[{"message":"Request from IP: X.X.X.X","extensions":{"code":"ErrorUnauthorized"}}]}

I guess there’s an access token somewhere I need to set/retrieve, but I can’t find any configuration options for this in the documentation or in the values that are available in the helm chart.

Also, I’m assuming that this is separate to ACLs… please correct me if I’m wrong.

Can someone point me in the right direction?

I found the alpha.configFile property in the helm chart, which sets the config.yaml property of alpha’s ConfigMap. I added an access_token property there, but still get unauthorised.

I’ll try the same with whitelisting.

Would be good if the defaults for these values were published somewhere.

Hi @martaver,

By default, to call /admin API, no access token is required.

In case, authentication has been setup by providing --auth_token flag while running dgraph alpha, the same token needs to be provided for admin operations using auth_token flag.
For details regarding authentication: https://dgraph.io/docs/deploy/dgraph-administration/#securing-alter-operations

Another reason could be IP whitelisting. By default, admin operations are allowed from the same machine on which dgraph alpha runs. If you are running admin operations from a different machine, make sure that the IP has been whitelisted.
For more details: https://dgraph.io/docs/deploy/dgraph-administration/#whitelisting-admin-operations

Gotcha! That must be it… I missed that documentation, thanks for clarifying!

That worked… it was a bit tricky figuring this out. It would have helped if the error message pointed out that it was failing due to whitelisting rules!

Thanks for the help!