Logging into HCP Boundary instance via CLI

I am working through the HCP Boundary quick start and am running into an error when trying to log in via CLI to the Boundary instance deployed in HCP. (Access HCP Boundary | Boundary - HashiCorp Learn)

I have ORG_ID, AUTH_ID and BOUNDARY_ADDR set up as env vars and am using the following command:

boundary authenticate password -auth-method-id=<auth_method> -login-name=<name> -password=<password> -keyring-type=none -format=json | jq -r .item.attributes.token

I have also tried without the format and keyring type flags.

I am getting the following 401 error:

Error information:
  Kind:                Unauthenticated
  Message:             Unable to authenticate.
  Status:              401
  context:             Error from controller when performing authentication

I am trying to log in as the global admin, set up when the cluster was created. I can log in with these credentials via the HCP Boundary web interface and also the desktop app. I have checked the env vars and admin username/ password; they all seem to be in order.
I deployed the cluster in HCP following the tutorial linked above and have Boundary installed 0.9.0 locally.

Any help would be appreciated to understand why I am getting this 401 error.

Thank you.

It’s hard to tell with a general error like that – my first thought would have been an issue with the username or password but you’re using them to log in successfully through other interfaces. At a guess, your username or password isn’t being transmitted properly. Does either one contain special characters that might be being interpreted by the shell? Try putting single quotes around them if they do.

Thanks for the response, there was a special character in the password and the single quotes have solved it (time to change the settings on my password generator…) All looks to be working now, thank you.

1 Like