Attempted administrative access with invalid or missing key

Support Installation and Deployment
1

[When i use the Example to Create an API - Community Edition but fail]

request:
[leinao@GA041 ~]$ curl -v -H “x-tyk-authorization: 352d20ee67be67f6340b4c0605b044sf” -s -H “Content-Type: application/json” -X POST -d ‘{
“name”: “Test API”,
“slug”: “test-api”,
“api_id”: “1”,
“org_id”: “1”,
“auth”: {
“auth_header_name”: “Authorization”
},
“definition”: {
“location”: “header”,
“key”: “x-api-version”
},
“version_data”: {
“not_versioned”: true,
“versions”: {
“Default”: {
“name”: “Default”,
“use_extended_paths”: true
}
}
},
“proxy”: {
“listen_path”: “/test-api/”,
“target_url”: “http://httpbin.org/”,
“strip_listen_path”: true
},
“active”: true
}’ http://10.43.216.225:8080/tyk/apis/ | python -mjson.tool

response:

  • About to connect() to 10.43.216.225 port 8080 (#0)
  • Trying 10.43.216.225…
  • Connected to 10.43.216.225 (10.43.216.225) port 8080 (#0)

POST /tyk/apis/ HTTP/1.1
User-Agent: curl/7.29.0
Host: 10.43.216.225:8080
Accept: /
x-tyk-authorization: 352d20ee67be67f6340b4c0605b044sf
Content-Type: application/json
Content-Length: 570

} [data not shown]

  • upload completely sent off: 570 out of 570 bytes
    < HTTP/1.1 403 Forbidden
    < Content-Type: application/json
    < Date: Mon, 22 Mar 2021 08:32:50 GMT
    < Content-Length: 92
    <
    { [data not shown]
  • Connection #0 to host 10.43.216.225 left intact
    {
    “message”: “Attempted administrative access with invalid or missing key!”,
    “status”: “error”
    }
2

You’re passing the auth header secret 352d20ee67be67f6340b4c0605b044sf to access the admin API.

Can you confirm that’s what the value in the tyk.conf secret field? or the env variables?

1 Like
3

Ran into the same issue. You have to check two places:

The config (when using docker-compose it’s the tyk.standalone.conf by default) contains a secret.

However, this secret is overwritten by passing the environment variable TYK_GW_SECRET.
In the local docker-compose setup, the default password is “foo” (provided by the TYK_GW_SECRET env variable in the docker-compose file).

4 Likes
4

Yeah @kevcodez , setting the ‘x-tyk-authorization’ to ‘foo’ worked for me.

1 Like
5

thanks for the solution… it worked