https://prefect.io logo
Join Slack
Powered by
Hi! I'm brand new and just getting started with Pr...
# prefect-ui
o
Hi! I'm brand new and just getting started with Prefect for the company I'm working with (Open-Issue). I'm following the beginner's tutorial and the Create A Service Account Key instructions, but am getting an 
Unauthorized
error when trying to add a service account on this page. (See attached screenshots.) Is that because the account I'm using is on the Free Plan?
k
Hey @Open-Issue Prefect Team 1, do you have admin credentials in this tenant? Are you the only one in this tenant?
o
I'm the only one in it. And when I look at the Team page I see that my role is Administrator.
k
Will ask the team about this.
o
I'm not sure if this is relevant, but when I follow the super-basic steps in the tutorial I get this warning:
Copy code
UserWarning: Client was created with an API token configured for authentication. API tokens are deprecated, please use API keys instead.
I've got 
~/.prefect/config.toml
configured with:
Copy code
[cloud]
auth_token = "<TOKEN HERE>"
It's an API key, so is 
auth_token
wrong?
k
Oh about that for 0.15.0 we moved to keys rather than tokens so it should be:
Copy code
[cloud]

api_key = "<YOUR-KEY>"
o
Ah ha! That might be the root cause then. I took that set up from this page: https://cloud.prefect.io/tutorial/Universal-Deploy#authenticating-with-prefect-cloud. So maybe that tutorial needs an update?
I will try changing that and see if it works.
k
Yeah probably. The docs is updated here
o
Thanks for that. By making that change I seem to no longer get that error. Thank you for asking the team @Kevin Kho, because that 
Unauthorized
problem seems to be unrelated.
k
Yep that one I will ask about
Oh I tried it and I know what is going on now. More granular permissions are an enterprise feature so you can’t make Read Only accounts
I’ll update that tutorial
o
Great, thanks so much for your help with this @Kevin Kho! I this I understand now. I get an unauthorized error if I use Role 
User
or 
Read only
. It succeeded just now when I tried using Role 
Administrator
. So, like you say, you can't narrow down Service Account permissions unless you're on an Enterprise plan. But you can create a Service Account.
k
Yes that’s exactly right!
o
Not intuitive, but makes sense now. Yeah, if you update the tutorial that would be helpful for other people avoiding this error in the future.
k
Will be on it 👍
Hey, so I chatted with the team and I think we’re gonna remove the tutorial there instead of updating it. Not a lot of people use it and can consolidate it in the Docs. The issue is here if you want to keep track of it. Also, the options to create 
User
and 
Read Only
keys should not appear in your drop down on the free tier so that is a bug and we’ll open another issue for it.
o
Great support, thank you so much!
I just commented on the GitHub issue. And thanks for filing the bug report about the 
User
and 
Read only
keys that should not appear on the free tier.
k
That one is here in case you wanna follow it
3 Views
Open in Slack
PreviousNext
Powered by