Receiving Stardog Authentication Failed Error for 'admin' Role

Created by Matt Nolan, Modified on Thu, Mar 20 at 10:57 AM by Matt Nolan

If you are receiving an error like the one below:


Stardog Authentication Failed
Your authentication for this endpoint has expired or is not valid.
Your current role claims:
  • admin
To authenticate successfully, your user roles must be properly configured on the Stardog server. If you're experiencing issues, please contact your system administrator to verify your role configuration.
Please log in again to refresh your authentication.

Re-authenticate


You're getting this error because you don't have the `admin` role on your server. 


It needs to be created and have the proper privileges. 


For Kubernetes, for example, here is the relevant snippet from: 

charts/stardog/docs/launchpad-kubernetes/index.md#idp-and-stardog-roles:


Configuring IdP and Stardog Roles

During IdP setup, you would likely have created three groups associated with the reader, writer, and admin roles. 

As only the reader role exists in Stardog by default, you will need to create the writer and admin roles. 

You can do that with the following commands:
kubectl exec -n $NAMESPACE ${NAMESPACE}-stardog-0 -- /opt/stardog/bin/stardog-admin role add writer
kubectl exec -n $NAMESPACE ${NAMESPACE}-stardog-0 -- /opt/stardog/bin/stardog-admin role grant -n writer -a write -o *:*
kubectl exec -n $NAMESPACE ${NAMESPACE}-stardog-0 -- /opt/stardog/bin/stardog-admin role add admin
kubectl exec -n $NAMESPACE ${NAMESPACE}-stardog-0 -- /opt/stardog/bin/stardog-admin role grant -n admin -a all -o *:*

These commands exec into the ${NAMESPACE}-stardog-0 pods in the $NAMESPACE namespace and perform role add and role grant on the writer and admin roles. 


To learn more about our Security Model, see here

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article