When accessing Boundary for the first time after a fresh installation and attempting to authenticate without previously specifying a primary authentication method, users may encounter the error discussed below.
For example, using either the boundary authenticate password or boundary authenticate command for the first authentication attempt in Boundary, which relies on the password authentication method, leads to the following error message being displayed:
Primary auth method not found for scope ID: 'global'. Please set a primary auth
method on this scope or pass one explicitly using an authenticate sub command
(see 'boundary authenticate -h') along with the -auth-method-id flag
Cause:
This error occurs because Boundary cannot find a primary authentication method associated with the specified scope ID ('global' in this case). Without a primary authentication method set or explicitly specified, Boundary cannot authenticate the user, resulting in the displayed error message.
Solution:
To resolve this issue, it's necessary to ensure that a primary authentication method is set for the specified scope ID. Follow these steps to set the primary authentication method using the password authentication method:
1. List Available Authentication Methods:
$ boundary auth-methods list
ID NAME DESCRIPTION
authm_pw_DVHhC46KPq Password Password authentication method
Note down the ID of the password authentication method (authm_pw_DVHhC46KPq in this example).
2. Set Password Authentication Method as Primary:
Use the boundary scopes update command to set the password authentication method as the primary authentication method for the specified scope ID ('global' in this example).
$ boundary scopes update \
-id global \
-primary-auth-method-id authm_pw_DVHhC46KPq
This command designates the password authentication method (authm_pw_DVHhC46KPq in this example) as the primary authentication method for the specified scope ('global').
Note:
Ensure that the user executing these commands possesses the requisite permissions. Additionally, substitute the correct values for the scope ID and authentication method ID according to the specific environment configuration.
You can achieve the same result using the UI, as demonstrated below:
Following these steps should rectify the error associated with the absence of a primary authentication method in Boundary for the specified scope ID. For further assistance, refer to the Boundary documentation or contact the support team.