HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

API V2 using access token for member user throws Garden.SignIn.Allow Error. Vanilla 2021.011

diana_nadiana_na New
edited June 2021 in Vanilla 3.x Help

Hi everyone,

I am planning to create a client android app for member users, with basic functionality, like view discussions and add comments.

Towards that, I have been attempting the following:

  1. Registered a member user on the site, lets call it: test_member.
  2. Generated tokens (using postman) for test_member using @R_J api_token plugin. https://github.com/R-J/apitoken
  3. Placed the generated token in the bearer token field, created the required body with required fields and made a post request.

However, got a 403 response with the description "You need the Garden.SignIn.Allow permission to do that."

Can anyone help me with debugging this?

Note: Garden.tokens.add permission as well as Garden.Signin.allow is checked for members in the roles and permissions setting.

The member email is also verified. Comments can be posted normally from the site.




Tagged:

Comments

Sign In or Register to comment.