Error creating an identity user

Building/Development
1

Quick note… I am probably doing something wrong… as I am working through the awesome video below.

I ran originally ran the command to create a reflectClient successfully… but it took me some time until I could enroll it… and ran out of time… as the token had expired.

So… I deleted it… thinking I could recreate it… but now I cannot not even create an identity.

ziti edge create identity user reflectClient -o reflectClient1.jwt
error: error creating identities instance in Ziti Edge Controller at https://instance-20220317-1005:1280/edge/management/v1. Status code: 401 Unauthorized, Server returned: {
“error”: {
“code”: “UNAUTHORIZED”,
“message”: “The request could not be completed. The session is not authorized or the credentials are invalid”,
“requestId”: “dh-Jmm8lO”
},
“meta”: {
“apiEnrollmentVersion”: “0.0.1”,
“apiVersion”: “0.0.1”
}
}

Does this mean that something related to another identity is causing the problem…

When I did the ExpressInstall… I checked the status of the router identity… which seems as if it was already enrolled as a part of the installation…

Let me know if you can help out.

In the meantime… I am going to restart from the beginning to see if a clean install works

2

Quick update… finding lots of interesting things… :slight_smile:

When I reran the QuickInstall… it resolved the unauthorised access issue… but now I get a different error because I am using the same identity name

This makes sense… though I am wondering how to make a clean installation so that I can recreate an identity with the same name… to keep the testing consistent… is this possible?

I understand if its not… because you dont want to be creating duplicate identity names… but it would be nice to know how to perform a complete clean reinstall and wipe everything

ziti edge create identity user reflectClient -o reflectClient.jwt
error: error creating identities instance in Ziti Edge Controller at https://instance-20220317-1005:1280/edge/management/v1. Status code: 500 Internal Server Error, Server returned: {
“error”: {
“cause”: {
“code”: “UNHANDLED”,
“message”: “duplicate value ‘reflectClient’ in unique index on identities store”
},
“code”: “UNHANDLED”,
“message”: “An unhandled error occurred”,
“requestId”: “7YSt333QL”
},
“meta”: {
“apiEnrollmentVersion”: “0.0.1”,
“apiVersion”: “0.0.1”
}
}

3

In the first post, you were not authenticated. You just needed to run zitiLogin again (which performs the command ziti edge login supplying env vars for user and pwd)

The second post, the follow up says the identity already exists. You just need to delete it first, then you can create it again.

When I want to TRULY start fresh, I generally delete the entire $HOME/.ziti/quickstart folder. Based on what you’re reporting it seems like the controller database wasn’t deleted. I think that’s usually in $ZITI_HOME/db.

You can delete that file only, but I like removing the whole pki, config files, logs etc by deleting the whole quickstart folder

1 Like
4

Brilliant… this feedback fills the gaps better than Selleys :slight_smile:

5

ziti edge delete identity user reflectClient

I experimented with the commands… this seemed to work…

PS… Is there a cheat sheet anywhere that lists all of these commands in one place?

6

generally speaking i just run the command - and it'll tell you quite a bit. for example:

ziti edge delete
deletes various entities managed by the Ziti Edge Controller

Usage:
  ziti edge delete [flags]
  ziti edge delete [command]

Available Commands:
  api-session                deletes api-sessions managed by the Ziti Edge Controller
  authenticator              deletes an identity's authenticator managed by the Ziti Edge Controller
  ca                         deletes cas managed by the Ziti Edge Controller
  config                     deletes configs managed by the Ziti Edge Controller
  config-type                deletes config-types managed by the Ziti Edge Controller
  edge-router                deletes edge-routers managed by the Ziti Edge Controller
  edge-router-policy         deletes edge-router-policies managed by the Ziti Edge Controller
  identity                   deletes identities managed by the Ziti Edge Controller
  posture-check              deletes posture-checks managed by the Ziti Edge Controller
  service                    deletes services managed by the Ziti Edge Controller
  service-edge-router-policy deletes service-edge-router-policies managed by the Ziti Edge Controller
  service-policy             deletes service-policies managed by the Ziti Edge Controller
  session                    deletes sessions managed by the Ziti Edge Controller
  terminator                 deletes terminators managed by the Ziti Edge Controller

Flags:
  -h, --help   help for delete

Use "ziti edge delete [command] --help" for more information about a command.
``
7

more thorough ‘online doc’ will happen in the future - it’s just not been produced yet… contributions are welcome :slight_smile:

1 Like