[qitang@wlc-trust-182 errata]$  oc exec logging-fluentd-gkqgx -- curl --silent -vk -X GET -H "Authorization: Bearer ErAGT8RON9oUsLzX8zpgzA2tQCvmJpSvEVpEpeHm5p0"  -H "X-Forwarded-For: 0.0.0.0" "https://172.30.203.26:9200/_cat/indices" |jq
* About to connect() to 172.30.203.26 port 9200 (#0)
*   Trying 172.30.203.26...
* Connected to 172.30.203.26 (172.30.203.26) port 9200 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* skipping SSL peer certificate verification
* NSS: client certificate not found (nickname not specified)
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
* 	subject: CN=logging-es,OU=OpenShift,O=Logging
* 	start date: Mar 06 03:39:23 2019 GMT
* 	expire date: Mar 05 03:39:23 2021 GMT
* 	common name: logging-es
* 	issuer: CN=logging-signer-test
> GET /_cat/indices HTTP/1.1
> User-Agent: curl/7.29.0
> Host: 172.30.203.26:9200
> Accept: */*
> Authorization: Bearer ErAGT8RON9oUsLzX8zpgzA2tQCvmJpSvEVpEpeHm5p0
> X-Forwarded-For: 0.0.0.0
> 
< HTTP/1.1 403 Forbidden
< content-type: application/json; charset=UTF-8
< content-length: 547
< 
{ [data not shown]
* Connection #0 to host 172.30.203.26 left intact
{
  "error": {
    "root_cause": [
      {
        "type": "security_exception",
        "reason": "no permissions for [indices:monitor/stats] and User [name=qitang, roles=[gen_user_c12936f199296e4d3077f69d6ef20d7620236afc, gen_project_operations, prometheus, gen_kibana_c12936f199296e4d3077f69d6ef20d7620236afc]]"
      }
    ],
    "type": "security_exception",
    "reason": "no permissions for [indices:monitor/stats] and User [name=qitang, roles=[gen_user_c12936f199296e4d3077f69d6ef20d7620236afc, gen_project_operations, prometheus, gen_kibana_c12936f199296e4d3077f69d6ef20d7620236afc]]"
  },
  "status": 403
}
[qitang@wlc-trust-182 errata]$ oc whoami
qitang
[qitang@wlc-trust-182 errata]$ oc auth can-i view pods -n default
yes

Version: logging-elasticsearch5-v3.11.88-3

*** This bug has been marked as a duplicate of bug 1548640 ***