I tried to login on heroku, but I was required to enter code generated by authenticator app, but I have no the authenticator app. I tried heroku login -i, but it says
"Error: Your account has MFA enabled; API requests using basic authentication with email
› and password are not supported. Please generate an authorization token for API access."
How can I solve this problem?
Thanks in advance.
You must enable Multi-Factor Authentication and set up your preferred MFA option.
One of the options is to install Google Authenticator and configure it to access Heroku: after login (on the browser) you need to provide the code displayed in the Google Authentication application.
Login via Command Line
The approach is still the same but you need to use the API Key as the password
% heroku login -i
heroku: Enter your login credentials.
Email [my email address]:
Password: ************************************. # enter API Key here.
Logged in as [my email address]
To create the API Token go to Heroku Dashboard -> Account
Related
I also tried on terminal
heroku login -i
xxx#pedroui-MacBookPro onoff-wad % heroku login -i
heroku: Enter your login credentials
Email [xxx#naver.com]: xxx#naver.com
Password: ***********
› Error: Your account has MFA enabled; API requests using basic authentication with
› email and password are not supported. Please generate an authorization token for
› API access.
›
› Error ID: vaas_enrolled
login error page said
to secure account, we check user's id .
please enter code generated by authentication app.
the problem is I don't know anything about authentication app.
We have application on compute engine that is using oauth2(Using GCP credentials) to authorize users to access application and it was working all fine. Suddenly since last two days we are getting 401 not authorize message from google authenticator instead of access token.
Have verified that the service account is active and APIs access enabled on GCE.
We tried rotating GCP API credentials but that did not work, even one of the environment was allowing to login again but go broken again in the morning.
Here is the sequence of incidents:
User hit url to access web app
That redirects to -> google auth page, requesting user to login consent
Credential provided user and accepted by google.
Instead of providing authentication token google is giving message access denied.
Not sure which logs can give clear picture to see the errors.
If your App is External Facing but is still in test mode (not verified), the token will expire after 7 days (source)
I’ve been trying to login to HEROKU CLI on a headless Ubuntu. So, I don’t have a chance to open a browser. That’s why, I need to login with credential or any other method but there are only two login options which are browser, credentials.
Is there anybody face with the same problem?
Command:
heroku login -i
Error Message:
› Error: Your account has MFA enabled; API requests using basic authentication with email and password are not supported. Please generate an authorization token
› for API access.
›
› Error ID: mfa_required
PS: The Heroku doesn’t allow me to disable MFA.
Shanshan Chen is basically right, but given the specifics of your issue you're still going to need the -i flag. I have had the same issue and was able to log in successfully using these steps:
Run heroku login -i
Enter your email address as normally
For the password, use your Heroku account API Key (see below)
Try heroku login and use API key as the password. Feel free to refer to
Not able login to Heroku account from command line
I am trying to access the Github repo which sits behind an enterprise firewall (Open VPN). I am trying to access with my username and password but getting the below Exception. Any suggestions on how to access the repo with Spring Cloud.
application.properties:
spring.cloud.config.server.git.uri=https://github.com/company-repo/abc.git
spring.cloud.config.server.git.username=tarun
spring.cloud.config.server.git.password=xxxxx
spring.cloud.config.server.git.ignore-local-ssh-settings=true
Exception:
Error occured cloning to base directory. org.eclipse.jgit.api.errors.TransportException:
https://github.com/company-repo/abc.git: not authorized
Do not Use Your GitHub password in your app.prop file...You will get a Not Authorized exception. Instead Generate an access token.
Creating a personal access token
You should create a personal access token to use in place of a password with the command line or with the API.
Personal access tokens (PATs) are an alternative to using passwords for authentication to GitHub when using the GitHub API or the command line.
If you want to use a PAT to access resources owned by an organization that uses SAML SSO, you must authorize the PAT. For more information, see "About authentication with SAML single sign-on" and "Authorizing a personal access token for use with SAML single sign-on."
As a security precaution, GitHub automatically removes personal access tokens that haven't been used in a year.
Creating a token
Verify your email address, if it hasn't been verified yet.
In the upper-right corner of any page, click your profile photo, then click Settings.
Settings icon in the user bar
In the left sidebar, click Developer settings.
In the left sidebar, click Personal access tokens.
Click Generate new token.
Give your token a descriptive name.
Select the scopes, or permissions, you'd like to grant this token. To use your token to access repositories from the command line, select repo.
Click Generate token.
Click to copy the token to your clipboard. For security reasons, after you navigate off the page, you will not be able to see the token again.
Warning: Treat your tokens like passwords and keep them secret. When working with the API, use tokens as environment variables instead of hardcoding them into your programs.
To use your token to authenticate to an organization that uses SAML SSO, authorize the token for use with a SAML single-sign-on organization.
Using a token on the command line
Once you have a token, you can enter it instead of your password when performing Git operations over HTTPS.
For example, on the command line you would enter the following:
$ git clone https://github.com/username/repo.git
Username: your_username
Password: your_token
Personal access tokens can only be used for HTTPS Git operations. If your repository uses an SSH remote URL, you will need to switch the remote from SSH to HTTPS.
If you are not prompted for your username and password, your credentials may be cached on your computer. You can update your credentials in the Keychain to replace your old password with the token.
The way i made it work is :
Generate the Access Token on Github repo and provide read and admin rights to it
Use the Token as password
Credentials can be saved in Kubernetes as Secrets or inside Vault. Hope this helps.
We are using Zohocrm api v2 for getting currently logged in user. It works fine for most of the logins.
But we are getting 403 for one of the user account.
URL https://www.zohoapis.com/crm/v2/users?type=CurrentUser
HEADERS {Authorization=Zoho-oauthtoken 1000.786ecda99xxxx}
Response
{"code":"NO_PERMISSION","details":{"permissions":["Crm_Implied_Api_Access"]},"message":"permission
denied","status":"error"}
Response Code 403
Note: From the same zoho team other 2 users were able to login.
Please suggest.
Just adding the steps with which I tried in Postman. It works for me.
If at all any of the steps are different from yours, you could try these steps instead.
Add the client to get client secret
Generate auth token giving client id and secret (and scopes)
After this step, oauth permission request page will be shown, asking user to confirm access to Accounts User Profile and CRM users info. Both have to be accepted.
Use the latest generated token in postman
Execute API GET