Renew Access Token When AICenter Is Using External Orchestrator As Identity

How to renew access token?

Issue Description: When AICenter is installed in the automation suite and it is later decided to use a standalone Orchestrator connected as the identity. When you are installing it is required to provide an identity token from the identity hub in Orchestrator when the host level is accessed for the first time, this token can get expired. Hence the need to renew it.

There is the manual approach, but this access token can be renewed using the installation script from the Linux terminal.

Resolution:

  1. Access the external Orchestrator at the host level at the Identity Hub, click Management.

  1. In management, click on Security settings and generate a new installation key, this is the access token.

  1. When this is ready, access Argo, and for that, get the password from the Linux terminal, so the first thing to do will be to export the kubectl config file with the following command:
  • export KUBECONFIG="/etc/rancher/rke2/rke2.yaml" \ && export PATH="$PATH:/usr/local/bin:/var/lib/rancher/rke2/bin"

  1. When this is done, get the argo password with the following command:
  • kubectl get secrets/argocd-admin-password -n argocd -o "jsonpath={.data['password']}" | echo $(base64 -d)

  1. When the password is obtained, access the following URL:
  1. The username is admin and the password is the one obtained from the Linux terminal.

  1. When you are inside argo , search for AICenter and click:

  1. Once inside the app, click app details top left:

  1. Click on parameters click edit first, then ctrl + f, and search for global access.


  1. Click in the box and paste the access token obtained from the Orchestrator and click Save.

  1. Then click sync at the top left, a menu will pop up, and then click synchronize:

  1. After that, access will be provided to AICenter once again.