I just switched my Mayan instance to OIDC login and realised that my user that adds metadata to documents is no longer able to read the document details via api:
While this gives me a result with my admin user:
https://mydomain/api/v4/documents/2531/
I don’t get any results for my metadata bot user.
Up until I was still logging in with the mayan authentication backend I had no problems so the permissions should be fine. Also there was no Mayan update in between, I just stayed on the same version.
Also I can’t really add more permissions since I got all role permissions already selected that could potentially be needed (sorry it’s in German):
EDIT: Nevermind, it was of course my mistake… I had to set a mail address for this user in mayan for OIDC login to work and had a typo in there. Therefore mayan created a new user instead
I still get a 404 in my application but it works in the browser. Cannot figure out so far why cause all other api calls are working fine
By debugging I could further track this down:
Actually I don’t get any data on most endpoints. I receive data only from the content_types endpoint.
For all other I don’t receive any data.
For example:
curl -v https://DOMAIN/api/v4/document_types/ -H “Accept: application/json” -H “Authorization: Bearer TOKEN” does seem to authenticate fine but does not return any data.
Whereas:
curl -v https://DOMAIN/api/v4/content_types/ -H “Accept: application/json” -H “Authorization: Bearer TOKEN”
returns data
{"count":152,"next":"https://DOMAIN/api/v4/content_types/?page=2","previous":null,"results":[{"app_label":"acls","id":18,"model":"accesscontrollist","url":"https://DOMAIN/api/v4/content_types/18/"},{"app_label":"acls","id":120,"model":"globalaccesscontrollistproxy","url":"https://DOMAIN/api/v4/content_types/120/"}
...
Is anyone experiencing the same? It is a bit strange since I see data in the Browser with the same user…
Return code is always 200 btw…
1 Like
Figured out that the content_types endpoint delivers data also unauthenticated users. So basically it seems that mayan just ignores the Bearer token for some reason… It seems as if I’m not authenticated at all
1 Like