Overview π₯
When setting up the BrightGauge integration with Liongard, you may encounter the error:
You do not have permission to access this URL.
This happens when the integration is configured using a Liongard Agent Install Key instead of a Liongard API Token. BrightGauge requires proper API authentication to access Liongard data, and agent install keys cannot provide the necessary permissions.
This article explains:
Why the error occurs.
The difference between install keys and API tokens.
How to correctly generate an API token.
Steps to update BrightGauge.
Security reminders & when to contact support.
Why This Happens? π€
The root cause is using the wrong type of credential.
Credential Comparison
Credential Type | Purpose | Can Access Liongard API? | Works With BrightGauge? |
Agent Install Key | Used only to install Liongard Agents on machines | β No API access | β Not supported |
API Token | Secure token used for integrations (BrightGauge, PowerShell, custom APIs) | β Full API access (based on user permissions) | β Required |
Summary
BrightGauge communicates with Liongard via API endpoints, so it must authenticate using a Liongard API Token, not an install token.
How to Resolve the Error π§βπ«
Follow the steps below to correct the integration.
1οΈβ£ Generate a Liongard API Token
You will need a token with permissions to access the data BrightGauge will query.
Instructions
Log into Liongard.
Click your username (top-right corner).
Select Account Settings.
Navigate to Access Tokens.
Click Generate New Token.
Copy and securely save:
Access Key ID
Access Key Secret (shown only once)
Field | Description |
Access Key ID | Used as the username for authentication |
Access Key Secret | Used as the password; displayed only once |
π¦ The token inherits the permissions of the user account that generated it.
2οΈβ£ Update the BrightGauge Integration
Log into BrightGauge.
Go to Datasources β Liongard.
Replace the existing credentials with your API Key ID and API Key Secret.
Save the integration.
Test a data pull to confirm successful authentication.
3οΈβ£ Verify Token Permissions (If Issues Continue)
The API token must be created by a Liongard user who has access to the data BrightGauge is trying to report on.
Recommended Minimum Permissions
Area | Needed? | Why |
Inspectors | β | Needed for metrics/data extraction |
Environment Access | β | Determines which customers BrightGauge can query |
Read-Only or Above | β | Read is sufficient; admin not required |
If the user lacks permission to view data in Liongard, BrightGauge pulls will fail.
Summary π€©
Symptom | Likely Cause | Resolution |
Same error after replacing credentials | Wrong credential type used | Ensure you're using API token, not install key |
βUnauthorizedβ or 401 errors | Token created by user with low permissions | Generate token using a user with correct read access |
Data sync partially works | Mixed outdated and new tokens in BrightGauge | Remove old credentials and restart data source |
BrightGauge cannot connect at all | Network/firewall restrictions | Ensure access to Liongard API endpoint |
Security Reminder π
Store API tokens in a secure password vault
Never share tokens in chat, email, or screenshots
Revoke old or unused tokens
Rotate tokens periodically based on organizational policy
When to Contact Support π¦
Contact Liongard Support if:
You used a correct API token but still receive permission errors.
API requests are failing despite valid credentials.
You observe inconsistent or partial data sync results.
You want help validating API request logs.
π― Include timestamps, the user account used, and any BrightGauge error text.
Contact BrightGauge Support if:
BrightGauge cannot connect to any external datasource.
Data sets fail to refresh after credentials are updated.
Dashboard widgets show stale or missing data.
API token fields in UI appear to not save or accept new tokens.