Agent Connector Sign-In
Agent Connector Installation Sign-In
Installing an Agilicus Agent Connector creates a new type of user, a service account. This service account is created automatically for you, using your (the administrators) privilege as a bootstrap. This service account has a restricted set of abilities. You may see (and delete after deleting an agent connector) in the admin front end under ‘Access/Service Accounts’.
Once this service account is created, the Agent Connector will use this identity without further user intervention.
In order to create the service account, and get its credentials, the install process needs you to authorise it. To do this, 2 methods exist (both yield identical results):
- Open a new browser, request you to sign in. This in turn uses a ‘callback’ URI that points to the host you are trying to install the connector on. Your browser, upon finishing the sign-in flow, will do a redirect to http://localhost:<someport>, passing the access token forward.
- Copy a URL you are given, paste it into your browser, this will give you a code, paste that back into the location you started the install from.
Typically if you are using a graphical desktop operating system, and signed into it as yourself, you would use method #1. If you are remotely accessing a system, or it is a headless embedded device, you would use method #2.
In some cases both methods are available, in which case the first one to answer will be used.
Note: The Agent Connector installation process should be run with Administrative (e.g. Root, LocalAdmin privilege). If you do not, it will attempt to elevate for you (as you can see in the below example).
A console log of the initial install process is shown below. In this example, you would have seen your browser open automatically with a sign-in screen as above right. If you sign in this way, the installation will complete.
Instead, you may copy the URL given (https://auth.YOURDOMAIN/auth?client_id=agilicus-builtin-agent-connector…) into the browser on your desktop. You will then see a screen as shown. Copy the token (osfygqo2j…) and paste it in where it says “Enter verification code:“, and the installation will complete.
Whichever method you use, you will achieve the same result, and the Agilicus Agent Connector will need no further intervention.
INFO[2022-05-29T11:45:38-04:00] Starting client - version v0.119.0-5 INFO[2022-05-29T11:45:38-04:00] User is not admin, attempting to elevate. If this fails, re-run as admin/root with same arguments. re-run [/usr/bin/sudo /bin/sh -c "/home/don/src-ag/platform/secure-exposed-agent/bin/agilicus-agent" "client" "--install" "--agent-id" "GLrmn8mKJ6W45c8Bo3ABCK" "--oidc-issuer" "https://auth.dbt.agilicus.cloud"] INFO[2022-05-29T11:45:38-04:00] Starting client - version v0.119.0-5 You have **2** methods to provide your authentication. Use the most convenient. 1. You may see a browser open. If you sign in to it, this flow will complete automatically, and ignore the url below/paste. 2. You will see a URL appear here. Cut and paste that into a browser you are signed-into. It will then give you a code to paste here. Typically #1 is used if you are signed into this machine directly, and #2 for ssh or remote desktop or embedded devices. If a browser did not open automatically, please open this link in your desktop browser to retrieve the authentication code, and paste below: https://auth.YOURDOMAIN/auth?client_id=agilicus-builtin-agent-connector&... Enter verification code:
Return to Product Configuration
- Geo-Location-Based Access Control
- Locked-Down Networks Certificate Revocation
- Time Synchronisation
- Agent Connector Sign-In
- Resources – Overview, Concepts
- Connect to VTScada – Adding a Web Application
- Web Application Security
- Administrative Users
- Define Application: Proxy
- Authorisation rules
- Real VNC & Raspberry Pi
- Agent Connector Install: Raspberry Pi
- Kubernetes Agent Connector Install
- Linux, FreeBSD, Embedded Agent Connector Install
- Agent Connector Install: Ubiquity EdgeRouter X
- Audit Destinations
- Agent Connector Install: Netgate SG-1100 pfSense
- Identity Group Mapping
- Auto-Create Users From Specific Domain With Google Workplace
- Authentication Audit
- Authentication Issuer – Custom Identity
- Microsoft ClickOnce
- Agilicus Agent Windows Cluster
- Usage Metrics
- Service Accounts
- Identity & Authentication Methods
- Content Security Policy
- Sign-In Theming
- Sign in With Apple
- Azure Active Directory
- Sign in With Microsoft
- Agilicus Agent (Desktop)
- Zero-Trust SSH Access
- Theory of Operation: CNAME + DOMAIN
- Zero-Trust Desktop Access
- Command Line API Access
- Multi-Factor Authentication
- Authentication Rules
- Application Request Access
- OpenWRT Agent Connector Install
- Synology Agent Connector Install
- Authentication Clients
- Authentication Rules
- Resource Permissions
- Resource Groups
- Legacy Active Directory