I need to create a new user using Postman.
I use the address: http://localhost:1337/api/users, make a POST request to it with the following data:
{
"data": {
"username": "Rafael",
"email": "rafael@rafael.com",
"password": "1234",
"confirmed": false,
"blocked": false
}
}
But I get
{
"data": null,
"error": {
"status": 500,
"name": "InternalServerError",
"message": "Internal Server Error"
}
}
And in VS Code I get: error: Forbidden access
What could it be?
Forbidden access (403) can be caused by several things:
You didn't pass an API token (JWT) in the request header (Bearer token).
You have to allow the user/admin role to access the User collection.
You can find all the config in the Admin Panel Settings menu.
Create and manage API token in Strapi: https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/api-tokens.html#api-tokens
Configure admin role access: https://docs.strapi.io/user-docs/latest/users-roles-permissions/configuring-administrator-roles.html
Configure end-user role access: https://docs.strapi.io/user-docs/latest/users-roles-permissions/configuring-end-users-roles.html
Hope it helps!
I'm working on a Microsoft Teams tab and am planning to use some of the new RSC endpoints to retrieve members of the Team/group the app has been added to.
I have followed all steps from the RSC docs and looked at the RSC sample code, but still have an issue making Graph API calls to the beta RSC endpoints.
I have listed the RSC permission in the Teams manifest:
"webApplicationInfo": {
"id": "{AD_APP_CLIENT_ID}",
"resource": "https://notapplicable"
},
"showLoadingIndicator": true,
"authorization": {
"permissions": {
"orgWide": [],
"resourceSpecific": [
{
"name": "Member.Read.Group",
"type": "Application"
},
{
"name": "TeamSettings.Read.Group",
"type": "Application"
},
{
"name": "ChatSettings.Read.Chat",
"type": "Application"
},
{
"name": "ChatMember.Read.Chat",
"type": "Application"
},
{
"name": "ChannelSettings.Read.Group",
"type": "Application"
},
{
"name": "TeamMember.Read.Group",
"type": "Application"
}
]
}
}
Query Graph API like so:
GET https://graph.microsoft.com/beta/teams/{{group_id}}/channels/{{channel_id}}
Authorization: Bearer {{access_token}}
content-type: application/json
Where access_token is retrieved like so:
POST https://login.microsoftonline.com/{{ad_tenant_id}}/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&client_id={{ad_app_client_id}}&client_secret={{ad_app_client_secret}}&scope=https://graph.microsoft.com/.default
When I make the GET request to a group+channel which is in the same AAD as where the AAD Application is registered it works fine and information is returned. However, when I run the exact same code on a group+channel which is in a different AD it returns 403 Forbidden.
{
"error": {
"code": "Forbidden",
"message": "Missing role permissions on the request. API requires one of 'TeamMember.Read.All, TeamMember.ReadWrite.All, Group.Read.All, Group.ReadWrite.All, TeamMember.Read.Group, Member.Read.Group'. Roles on the request 'Group.Selected'. Resource specific consent grants on the request ''.",
"innerError": {
"date": "2022-04-06T14:13:26",
"request-id": "ce212ed2-48dc-4a8e-a7ea-4172d0cfd4c4",
"client-request-id": "ce212ed2-48dc-4a8e-a7ea-4172d0cfd4c4"
}
}
}
The response mentions "Resource specific consent grants on the request ''." which seems to suggest it's either missing a header or another access token.
As mentioned before, this exact same code works perfectly fine when I use a group_id and channel_id from within the same AD tenant.
What other steps need to be done to get RSC calls working?
I'm new to Strapi and following a Strapi tutorial playlist on YouTube. The YouTube playlist is old and he is using Strapi V3, but the current version is 4.0.5. I am facing a problem using the API endpoint.
I created a collection type and named it Posts. I even published it. When I navigate to http://localhost:1337/api/posts, it returns
{
"data": null,
"error": {
"status": 403,
"name": "ForbiddenError",
"message": "Forbidden",
"details": {}
}
}
Can somebody help me please?
If you try to retrieve the data as a public user, then you need to go to roles and set the appropriate rights.
Settings -> Users & Permissions -> Roles -> Public -> Posts
Then make sure find and findOne are checked.
For me, the problem was that I needed to set a scope for the auth configs of the route.
Like this (please note the scope):
routes: [
{
method: 'GET',
path: '/custom-route',
handler: 'custom-controller.getCustomMethod',
config: {
policies: [],
auth: {
scope: ['find'],
},
},
},
],
I have a problem creating teams using the Microsoft Graph API. I can get/create groups, but when I try to get/create teams I get an error. I'm using Postman and the group has owners and members, just as in the MS documentation, and it also has the permissions it asks for groups. Can somebody help me? I looked everywhere for the same error but did not find it.
PUT https://graph.microsoft.com/v1.0/groups/{id}/team
Headers: Authorization: bearer token and content-type: json
Body is
{
"memberSettings": {
"allowCreateUpdateChannels": true
},
"messagingSettings": {
"allowUserEditMessages": true,
"allowUserDeleteMessages": true
},
"funSettings": {
"allowGiphy": true,
"giphyContentRating": "strict"
}
}
I always get the same error
{
"error": {
"code": "BadGateway",
"message": "Failed to execute backend request.",
"innerError": {
"request-id": "45eeba8a-9d35-45e8-b42e-c60da7a47dde",
"date": "2020-01-23T21:55:44"
}
}
}
According to the Graph API docs for this, you're not calling the correct endpoint to create a new Team. It should be
POST https://graph.microsoft.com/beta/teams
and a payload similar to
Content-Type: application/json
{
"template@odata.bind": "https://graph.microsoft.com/beta/teamsTemplates('standard')",
"displayName": "My Sample Team",
"description": "My Sample Team’s Description",
"owners@odata.bind": [
"https://graph.microsoft.com/beta/users('userId')"
]
}
Note that it's slightly different, as per the docs, whether you're using delegated versus application permissions.
I'm creating the following request in vbscript and sending to the gocardless sandbox:
url="https://api-sandbox.gocardless.com/"
typ="GET"
Set xml = Server.CreateObject("MSXML2.ServerXMLHTTP")
xml.Open typ, url, False
xml.setRequestHeader "Authorization", "Bearer " & GCAccessToken
xml.SetRequestHeader "GoCardless-Version", "2015-07-06"
xml.SetRequestHeader "Accept","application/json"
xml.SetRequestHeader "Content-Type", "application/json"
xml.Send
GetGC = xml.responseText
Set xml = Nothing
The response I always get despite any tweaks I do is:
{"error":{"message":"not found","errors":[{"reason":"not_found","message":"not found"}],"documentation_url":"https://developer.gocardless.com/api-reference#not_found","type":"invalid_api_usage","request_id":"0AA4000DECCD_AC121CEB1F90_5BE18701_19AD0009","code":404}}
Any help would be appreciated. Have successfully done similar for Stripe but now need to use GC.
If you read the response from the API
{
"error": {
"message": "not found",
"errors": [{
"reason": "not_found",
"message": "not found"
}
],
"documentation_url": "https://developer.gocardless.com/api-reference#not_found",
"type": "invalid_api_usage",
"request_id": "0AA4000DECCD_AC121CEB1F90_5BE18701_19AD0009",
"code": 404
}
}
The error appears to be an HTTP status code (as is common with RESTful APIs) - 404 Not Found. Looking at the documentation link provided in the response;
404
Not Found. The requested resource was not found or the authenticated user cannot access the resource. The response body will explain which resource was not found.
So the issue could be;
You have failed to authenticate using the token in the code provided.
You authenticated but don't have permission to access the resource.
The resource you are looking for does not exist.
In this particular instance, I would suggest it is because the resource doesn't exist as the code doesn't specify a resource, only the base URL of the API which won't constitute an API endpoint you can interact with.
Looking at the documentation it's clear you need to provide a valid endpoint in the URL, at the time of writing there are 15 core endpoints to interact with along with 2 helper endpoints.
For example, a create payment request/response would look like;
POST https://api.gocardless.com/payments HTTP/1.1
{
"payments": {
"amount": 100,
"currency": "GBP",
"charge_date": "2014-05-19",
"reference": "WINEBOX001",
"metadata": {
"order_dispatch_date": "2014-05-22"
},
"links": {
"mandate": "MD123"
}
}
}
HTTP/1.1 201 (Created)
Location: /payments/PM123
{
"payments": {
"id": "PM123",
"created_at": "2014-05-08T17:01:06.000Z",
"charge_date": "2014-05-21",
"amount": 100,
"description": null,
"currency": "GBP",
"status": "pending_submission",
"reference": "WINEBOX001",
"metadata": {
"order_dispatch_date": "2014-05-22"
},
"amount_refunded": 0,
"links": {
"mandate": "MD123",
"creditor": "CR123"
}
}
}
Unfortunately, the code sample provided in the question doesn't really do anything so it's difficult to suggest what you are trying to do. In conclusion, I would suggest re-visiting the documentation for the API and looking through the samples provided.
I have a web app registered on Azure with the goal of being able to read and write the calendars of other users. To do so, I set these permissions for this app on Azure.
However, when I try to, for example, create a new event for a given user, I get an error message. Here's what I'm using:
Endpoint
https://graph.microsoft.com/v1.0/users/${requester}/calendar/events
HTTP Header
Content-Type application/json
Request Body
{
"subject": "${subject}",
"body": {
"contentType": "HTML",
"content": "${remarks}"
},
"start": {
"dateTime": "${startTime}",
"timeZone": "${timezone}"
},
"end": {
"dateTime": "${endTime}",
"timeZone": "${timezone}"
},
"location": {
"displayName": "${spaceName}",
"locationEmailAddress": "${spaceEmail}"
},
"attendees": [
{
"emailAddress": {
"address": "${spaceEmail}",
"name": "${spaceName}"
},
"type": "resource"
}
]
}
Error message
{
"error": {
"code": "ErrorItemNotFound",
"message": "The specified object was not found in the store.",
"innerError": {
"request-id": "XXXXXXXXXXXXXXXX",
"date": "2018-07-11T09:16:19"
}
}
}
Is there something I'm missing? Thanks in advance for any help!
Solution update
I managed to solve the problem by following the steps described in this link:
https://developer.microsoft.com/en-us/graph/docs/concepts/auth_v2_service
From your screenshot it's visible that you used application permission (although it'd be nice to include this information in your question):
Depending on the kind of permission you have given, you need to use the proper flow to obtain an access token (on behalf of a user or as a service). For application permissions you have to use the flow for a service, not on behalf of a user.
You can also check your token using jwt.io and make sure its payload contains the appropriate role. If it doesn't, it's very likely you used the incorrect flow.
Regarding the expiration time of it, you may have found the information about refresh token (for example here). Keep in mind that it applies only to rights granted on behalf of a user. For access without a user you should make sure that you know when your token is going to expire and request a new one accordingly.
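The token check suggested in the answer above can also be done locally by decoding the payload and looking at the `roles` (application) and `scp` (delegated) claims plus `exp`. This is an added example, not code from the original answer: the helper names `inspectToken` and `makeSampleToken` are hypothetical, the sample token and tenant id are constructed, and the required permission names reuse those from the 403 message quoted earlier on this page.

```javascript
// Added example: decode a Microsoft identity platform access token locally.
// No signature verification is done; this is for diagnosis only.

function decodeSegment(segment) {
  // JWT segments are base64url without padding; map back to standard base64.
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

function inspectToken(jwt, requiredAnyOf, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('expected a compact JWT with 3 segments');
  const claims = decodeSegment(parts[1]);
  // App-only (client credentials) tokens carry "roles"; user-delegated tokens carry "scp".
  const roles = Array.isArray(claims.roles) ? claims.roles : [];
  const scopes = typeof claims.scp === 'string' ? claims.scp.split(' ').filter(Boolean) : [];
  const granted = new Set([...roles, ...scopes]);
  const matched = requiredAnyOf.filter((p) => granted.has(p));
  return {
    flow: roles.length ? 'application' : scopes.length ? 'delegated' : 'none',
    tenant: claims.tid || null,
    roles,
    scopes,
    matched,
    authorized: matched.length > 0,
    // Without a user there is no refresh token, so track expiry and request a new token in time.
    secondsLeft: typeof claims.exp === 'number' ? claims.exp - nowSeconds : null,
  };
}

// Constructed sample token (not a real credential): header.payload.placeholder-signature
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ typ: 'JWT', alg: 'none' })}.${enc(claims)}.constructed`;
}

const REQUIRED = ['TeamMember.Read.All', 'TeamMember.ReadWrite.All', 'Group.Read.All',
  'Group.ReadWrite.All', 'TeamMember.Read.Group', 'Member.Read.Group'];
const sample = makeSampleToken({
  aud: 'https://graph.microsoft.com',
  tid: '00000000-0000-0000-0000-000000000000', // placeholder tenant id
  roles: ['Group.Selected'],
  exp: 1700000600,
});
console.log(inspectToken(sample, REQUIRED, 1700000000));
```

A result with `flow: 'none'` or an empty `matched` list points at the wrong flow or a missing grant, which is the situation the answer describes.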