From 16bd3c02fb8f0e41eb73e56dd6ac0c2f24df1974 Mon Sep 17 00:00:00 2001 From: Anton Gilgur Date: Mon, 28 Aug 2023 15:52:51 -0400 Subject: [PATCH] docs(auth): clarify "Bearer token" terminology - follow-up to 50395d2a6930dfa10dfa0d32f90c959edd1e75c6, where my wording could have been clearer - this is still a point of confusion with users, so be specific when referring to `$ARGO_TOKEN`, which includes "Bearer ", and the SA Secret, which is the part after "Bearer " - also fix the one doc that has `Bearer $ARGO_TOKEN` whereas the rest of the codebase has `$ARGO_TOKEN` with "Bearer " part of it - **Note**: the _internal_ terminology is actually a bit off here. In the [IETF standards spec](https://datatracker.ietf.org/doc/html/rfc6750#section-2.1), the "token" is referred to as the part after "Bearer " - The spec does not quite specify this in its [terminology section](https://datatracker.ietf.org/doc/html/rfc6750#section-1.2) though - Internally (which is more than just docs, it includes source code and tests as well) though, `$ARGO_TOKEN` _always_ includes "Bearer " - See also another common industry reference's use of the terminology: https://swagger.io/docs/specification/authentication/bearer-authentication/ Signed-off-by: Anton Gilgur --- docs/async-pattern.md | 8 ++++---- docs/faq.md | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/async-pattern.md b/docs/async-pattern.md index ba1759e51e55..5df01016fa42 100644 --- a/docs/async-pattern.md +++ b/docs/async-pattern.md @@ -66,12 +66,12 @@ You may need an [access token](access-token.md). curl --request PUT \ --url https://localhost:2746/api/v1/workflows///resume --header 'content-type: application/json' \ - --header "Authorization: Bearer $ARGO_TOKEN" \ + --header "Authorization: $ARGO_TOKEN" \ --data '{ "namespace": "", "name": "", "nodeFieldSelector": "inputs.parameters.uuid.value=" - }' + }' ``` or stop if unsuccessful: @@ -80,13 +80,13 @@ or stop if unsuccessful: curl --request PUT \ --url https://localhost:2746/api/v1/workflows///stop --header 'content-type: application/json' \ - --header "Authorization: Bearer $ARGO_TOKEN" \ + --header "Authorization: $ARGO_TOKEN" \ --data '{ "namespace": "", "name": "", "nodeFieldSelector": "inputs.parameters.uuid.value=", "message": "" - }' + }' ``` ## Retrying failed jobs diff --git a/docs/faq.md b/docs/faq.md index f46ee59c52c6..929424efc160 100644 --- a/docs/faq.md +++ b/docs/faq.md @@ -5,7 +5,7 @@ You may not have configured Argo Server authentication correctly. If you want SSO, try running with `--auth-mode=sso`. -If you're using `--auth-mode=client`, make sure you have `Bearer` in front of the token, as mentioned in [Access Token](access-token.md#token-creation). +If you're using `--auth-mode=client`, make sure you have `Bearer` in front of the ServiceAccount Secret, as mentioned in [Access Token](access-token.md#token-creation). [Learn more about the Argo Server set-up](argo-server.md)