Authorize failed: transient error: authorization request failed

General Discussions
1

We are using hosted mender(https://hosted.mender.io), and setting up the client in Linux VM, while we try to run the mender client we are facing issues.

here is our mender.conf

{
“HttpsClient”: {“SkipVerify”:true},
“Security”: {},
“DeviceTypeFile”: “/var/lib/mender/device_type”,
“DBus”: {
“Enabled”: true
},
“UpdateControlMapExpirationTimeSeconds”: 90,
“UpdateControlMapBootExpirationTimeSeconds”: 45,
“UpdatePollIntervalSeconds”: 5,
“InventoryPollIntervalSeconds”: 5,
“RetryPollIntervalSeconds”: 30,
“StateScriptRetryIntervalSeconds”: 30,
“TenantToken”: “”,
“Servers”: [
{
“ServerURL”: “https://hosted.mender.io
}
]
}

level=error msg=“Authorize failed: transient error: authorization request failed: transient error: authorization request failed: failed to build authorization request: failed to obtain authorization message data: failed to obtain identity data: failed to call /usr/share/mender/identity/mender-device-identity: fork/exec /usr/share/mender/identity/mender-device-identity: exec format error”
Jul 11 05:55:57 edgedevice11 mender[791535]: time=“2024-07-11T05:55:57Z” level=info msg=“State transition: authorize [Sync] → authorize-wait [Idle]”

2

Hi @sahithi,

looking at your error message suggests that the file /usr/share/mender/identity/mender-device-identity does not work as required. Please make sure that the script is executable and provides an identity as described here: Identity | Mender documentation

Greets,
Josef

3

Hi,

I have tried executing the script from the device identity.
My mender-device-identity file looks like

ID={
MAC=01:0e:3b:1b:2c:9a
}

and also tried different examples shown in the same document, but still couldn’t find a solution. and also tried from here
https://github.com/mendersoftware/mender/blob/4.0.2/support/mender-device-identity

requesting further help.

4

Hi @sahithi

This is not a valid identity script. As pointed out in the documentation, specifically here Identity | Mender documentation, the file must be executable (chmod a+x on Linux), and must print the identity key-value pairs to standard out.

Greets,
Josef

5

Hi @TheYoctoJester ,

was able to give correct script now, and now i am facing issue with auth

time=“2024-07-11T12:36:59Z” level=error msg=“Authorize failed: transient error: authorization request failed: transient error: authorization request failed: (request_id: ): authentication request rejected server error message: Unauthorized”

6

@sahithi depending on the polling interval, it will take a few moments for the device to show up on the dashboard. It will be marked as pending. After you have accepted it, the device authentication succeeds.

Greets,
Josef

7

@TheYoctoJester i am actually having the device in the preauth state, the device we create from a dashboard, while running the client in linux VM i am facing the issue. can you guide me if the mender.conf file is correct or, can you guide me through the process.
{
“HttpsClient”: {“Certificate”: “/certfolder/device1.crt”,
“Key”: “/certfolder/device1.key”},
“Security”: {},
“DeviceTypeFile”: “/var/lib/mender/device_type”,
“DBus”: {
“Enabled”: true
},
“UpdateControlMapExpirationTimeSeconds”: 90,
“UpdateControlMapBootExpirationTimeSeconds”: 45,
“UpdatePollIntervalSeconds”: 5,
“InventoryPollIntervalSeconds”: 5,
“RetryPollIntervalSeconds”: 30,
“StateScriptRetryIntervalSeconds”: 30,
“TenantToken”: “”,
“Servers”: [
{
“ServerURL”: “https://hosted.mender.io
}
]
}

8

Hi @sahithi,

As far as I can tell you can remove a lot of the configuration items. Something like this is known to work:

{
    "InventoryPollIntervalSeconds": 5,
    "RetryPollIntervalSeconds": 30,
    "ServerURL": "https://hosted.mender.io",
    "TenantToken": "xxxxxxxxx",
    "UpdatePollIntervalSeconds": 5
}

Insert your own TenantToken value as described in the documentation:

  • log in to https://hosted.mender.io
  • click your email at the top right and then “My organization”
  • press the “COPY TO CLIPBOARD”
  • assign content of clipboard to TenantToken

Greets,
Josef

9

@TheYoctoJester after modify i am encountering different error
level=info msg=“‘UpdateControlMapExpirationTimeSeconds’ is not set in the Mender configuration file. Falling back to the default of 2*UpdatePollIntervalSeconds”
Jul 11 13:44:29 edgedevice11 mender[165225]: time=“2024-07-11T13:44:29Z” level=info msg=“‘UpdateControlMapBootExpirationTimeSeconds’ is not set in the Mender configuration file. Falling back to the default of 600 seconds”
Jul 11 13:44:29 edgedevice11 mender[165225]: time=“2024-07-11T13:44:29Z” level=info msg=“No dual rootfs configuration present”
Jul 11 13:44:29 edgedevice11 mender[165225]: time=“2024-07-11T13:44:29Z” level=info msg=“State transition: init [none] → init [none]”
Jul 11 13:44:29 edgedevice11 mender[165225]: time=“2024-07-11T13:44:29Z” level=info msg=“State transition: init [none] → idle [Idle]”
Jul 11 13:44:29 edgedevice11 mender[165225]: time=“2024-07-11T13:44:29Z” level=info msg=“State transition: idle [Idle] → authorize-wait [Idle]”
Jul 11 13:44:29 edgedevice11 mender[165225]: time=“2024-07-11T13:44:29Z” level=info msg=“State transition: authorize-wait [Idle] → authorize [Sync]”

10

@sahithi as the log clearly says, this is an info message and it falls back to a reasonable default value. No problem.

11

@TheYoctoJester thanks for the help.