1

Using the OLP CLI, how do I determine the HRN to use? When I take the HRN that shows in the console for my project and call

./olp app domain list "hrn:here:authorization::myorg:project/projectId"

I get the error:

 "error_description": "errorCode: '400288'. Unexpected HRN entity type for requested resource : hrn authorization:myorg:project/projectId",

(Obviously I’ve replace the actual IDs here)

I can't see any documentation that relates to this error message, or about how I determine the HRN to use. In fact this HRN is the only one I can find in the console.

(Cross-posted from Slack workspace for reach)

Dima
  • 420
  • 2
  • 17
Ross Coundon
  • 647
  • 1
  • 9
  • 20

1 Answers1

1

The error is connected to the fact that you pass a project HRN instead of an application HRN. According to the documentation the command accepts only application HRNs.

olp app domain list <app HRN> [command options]

The HRN for the application can be retrieved using olp app list. The documentation of the command can be found here. For the case when the application has been created via CLI.

If you want get the HRN for the application created on the portal. Please use the following steps:

  1. Go to Access Manager.
  2. Find your application in the list of apps.
  3. Open Developer Tools in the browser and refresh the page of the application.
  4. Find trustedDomainsEnabled request and check the URL. It should contain URL encoded HRN as the part of URL before /trustedDomainsEnabled See the picture from Chrome.

enter image description here

I know it is tricky, but this is the only solution I found.

Dima
  • 420
  • 2
  • 17
  • 1
    Thank you! There seems to be a problem with the credentials I'm using, when I run `olp app list` I get nothing back ( I had tried that previously too). Using your developer tools idea, I can get the HRN, so that's a step forward. However, running`olp app domain list` for that HRN gives the error These credentials do not authorize access for this operation However, I have only one set of creds for this account and it's an admin, so something's not right somewhere. Will keep digging – Ross Coundon Nov 10 '22 at 09:54
  • 1
    I reproduced the issue with my application. I fixed it adding the CLI app to managers. Please run `olp credentials list` command and find the App ID. Go to the application page switch to `Access and permissions` tab. Add the CLI app as a manager. The `olp app domain list` should work. – Dima Nov 10 '22 at 10:06
  • Thanks - that seems to have done the trick – Ross Coundon Nov 16 '22 at 09:38