HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
API V2 using access token for member user throws Garden.SignIn.Allow Error. Vanilla 2021.011
diana_na
New
Hi everyone,
I am planning to create a client android app for member users, with basic functionality, like view discussions and add comments.
Towards that, I have been attempting the following:
- Registered a member user on the site, lets call it: test_member.
- Generated tokens (using postman) for test_member using @R_J api_token plugin. https://github.com/R-J/apitoken
- Placed the generated token in the bearer token field, created the required body with required fields and made a post request.
However, got a 403 response with the description "You need the Garden.SignIn.Allow permission to do that."
Can anyone help me with debugging this?
Note: Garden.tokens.add permission as well as Garden.Signin.allow is checked for members in the roles and permissions setting.
The member email is also verified. Comments can be posted normally from the site.
Tagged:
0
Comments
Hey @diana_na . Sanity check, have you tried logging in as
test_memberand posting a comment to discussionID 1 in a web browser. It could be the category permissions.API V2 is not fully developed. We encountered several issues in our project www.vanilla-app.com that requiered additional development.
Hello. I got it working.
It was working fine when I posted from the vanilla forum. But I couldn't get it to work using the API.
Finally figured it out. It was my bad. A trailing comma in the request payload for the tokens. 🤦♀️ I feel so embarassed posting this now😂.
But thank you so much for attempting to help me.
It does seem that way. I have been pouring over the API and testing it out. Looks like I have to put in some more effort.
Your project looks awesome!
Most of us, if not all, have "been there done that", for hours or days - until "ooohhh" and then face-palmed ourselves over ourselves ;-)