Skip to main content
Question

Rundeck RemoteURL bearer token

  • May 27, 2026
  • 2 replies
  • 33 views
R
Forum|alt.badge.img

Hello Everyone,

I’m a Devops Engineer , who worked with rundeck for few years, both for personal and profesional projects.

I’m trying to use Rundeck “remoteURL” feature to list as values some informations regarding container stacks on dockhand platform.

Everything is collected and working perfectly when dockhand authentication is disabled, but when authentication is enabled, i’m unable to make it work. Dockhand can only authenticate on API with a bearer token that it generated like in this call :

curl -X GET -H "Authorization: Bearer dh_mytokengeneratedbydockhand" https://dockhand-platform.test/api/stacks?env=1 -s | jq .[].name

"dockhand"
"gitlab-ce"
"technitium"

But i’m unable to reproduce this behavior with remoteURL configuration. I did try to add my token in rundeck key storage, in “password” type , then select Bearer in authentication type and filling the rundeck key. 

The result seems to always be a 401 unauthorized error, and it seems that if I edit my job again, the authentication fields with the previously filled rundeck key seems to be empty / or resetted.
NB : everything is working out-of the box without any authentication on dockhand side.

Am I missing / misunderstanding something regarding this use case ? I’m using docker official image for rundeck community. I wanted to try my luck on the rundeck-discuss google group but it seems that this is the new entrypoint now. No errors seems to be printed on rundeck side.

Thank you so much for your help and support.

Regards,

2 replies

M
Forum|alt.badge.img
  • MegaDrive68k
  • PagerDuty Team 📟
  • May 28, 2026

Hi! Could you please share the job definition to take a look? Thanks!

    R
    Forum|alt.badge.img
    • Ryuaneru
    • Author
    • New Member 👋
    • May 28, 2026

    Hey , thank you for your answer !

    I’m not sure if you will be able to reproduce the same test , as long as it need a dockhand platform and the same setup , but you will find my job definition here in YAML ( the job definition is very light, as it’s for testing, only a remoteURL option defintion ) : 
     

    - defaultTab: nodes
      description: 'For restarting a specific docker stack '
      executionEnabled: true
      group: Docker-management
      id: bbfb1079-4cc9-4812-a485-2333b9be46e4
      loglevel: DEBUG
      name: 'Restart docker stack '
      nodeFilterEditable: false
      options:
      - configRemoteUrl:
          jsonFilter: $..containerDetails.*['name']
          tokenStoragePath: keys/dockhand-token
        delimiter: ''' '''
        description: Name of docker stacks issued by dockhand
        enforced: true
        label: dockhand-stacks
        multivalued: true
        name: dockhand-stacks
        required: true
        type: text
        valuesUrl: https://dockhand-boxes.local/api/stacks?env=1
      plugins:
        ExecutionLifecycle: {}
      scheduleEnabled: true
      sequence:
        commands:
        - exec: 'echo "hello world" '
        keepgoing: false
        pluginConfig:
          WorkflowStrategy:
            node-first:
              info: |-
                <table>
                    <tr><td>1.</td><td class="text-info">NodeA</td> <td>step 1</td></tr>
                    <tr><td>2.</td><td class="text-info">"</td> <td>step 2</td></tr>
                    <tr><td>3.</td><td class="text-info">"</td> <td>step 3</td></tr>
                    <tr><td>4.</td><td class="text-muted">NodeB</td> <td>step 1</td></tr>
                    <tr><td>5.</td><td class="text-muted">"</td> <td>step 2</td></tr>
                    <tr><td>6.</td><td class="text-muted">"</td> <td>step 3</td></tr>
                </table>
        strategy: node-first
      user: myuser
      uuid: bbfb1079-4cc9-4812-a485-2333b9be46e4

    There is a https://dockhand-boxes.local/api/health endpoint that is accessible without authentication, and that is producing the working results ( json path filter and results isn’t accurate , but it’s ok ): 



     And as I said , when authentication on dockhand is disabled , the remoteURL option collection on stacks endpoint is working fine too. It seems i’m unable to use my bearer token or authenticate like I would do with the curl, so I probably did a mistake or misunderstanding somewhere … 

    If I edit the job again , you can see the field authentication seems to be empty. Maybe the output is just masked and correctly used in the job btw.

     


    And this is log printed when doing a test : 
     

    [2026-05-28T15:03:14,799] INFO  storage.events get file keys/dockhand-token - {Rundeck-content-type=application/x-rundeck-data-password, Rundeck-auth-modified-username=myuser, Rundeck-content-modify-time=2026-05-17T18:45:51Z, Rundeck-content-creation-time=2026-05-17T18:45:51Z, Rundeck-content-size=46, Rundeck-auth-created-username=myuser, Rundeck-content-mask=content, Rundeck-data-type=password}
    [2026-05-28T15:03:14,802] INFO  storage.events get file keys/dockhand-token - {Rundeck-content-type=application/x-rundeck-data-password, Rundeck-auth-modified-username=myuser, Rundeck-content-modify-time=2026-05-17T18:45:51Z, Rundeck-content-creation-time=2026-05-17T18:45:51Z, Rundeck-content-size=46, Rundeck-auth-created-username=myuser, Rundeck-content-mask=content, Rundeck-data-type=password}
    [2026-05-28T15:03:14,804] INFO  storage.events get file keys/dockhand-token - {Rundeck-content-type=application/x-rundeck-data-password, Rundeck-auth-modified-username=myuser, Rundeck-content-modify-time=2026-05-17T18:45:51Z, Rundeck-content-creation-time=2026-05-17T18:45:51Z, Rundeck-content-size=46, Rundeck-auth-created-username=myuser, Rundeck-content-mask=content, Rundeck-data-type=password}
    [2026-05-28T15:03:14,825] ERROR services.ScheduledExecutionService - getRemoteJSON error: URL https://dockhand-boxes.local/api/stacks?env=1 : Server returned an error response: 401 Unauthorized
    [2026-05-28T15:03:14,825] INFO  http.options 401 -1B 13ms - [Docker-management/Restart docker stack ] https://dockhand-boxes.local/api/stacks?env=1 -
    [2026-05-28T15:03:14,843] ERROR services.ScheduledExecutionService - getRemoteJSON error: URL https://dockhand-boxes.local/api/stacks?env=1 : Server returned an error response: 401 Unauthorized
    [2026-05-28T15:03:14,843] INFO  http.options 401 -1B 12ms - [Docker-management/Restart docker stack ] https://dockhand-boxes.local/api/stacks?env=1 -
    [2026-05-28T15:03:14,859] ERROR services.ScheduledExecutionService - getRemoteJSON error: URL https://dockhand-boxes.local/api/stacks?env=1 : Server returned an error response: 401 Unauthorized
    [2026-05-28T15:03:14,859] INFO  http.options 401 -1B 11ms - [Docker-management/Restart docker stack ] https://dockhand-boxes.local/api/stacks?env=1 -
    [2026-05-28T15:03:14,875] ERROR services.ScheduledExecutionService - getRemoteJSON error: URL https://dockhand-boxes.local/api/stacks?env=1 : Server returned an error response: 401 Unauthorized
    [2026-05-28T15:03:14,875] INFO  http.options 401 -1B 11ms - [Docker-management/Restart docker stack ] https://dockhand-boxes.local/api/stacks?env=1 -
    [2026-05-28T15:03:14,891] ERROR services.ScheduledExecutionService - getRemoteJSON error: URL https://dockhand-boxes.local/api/stacks?env=1 : Server returned an error response: 401 Unauthorized


    Thank you so much for you help and support, I appreciate :)

    Terms & ConditionsAccessibility statement