[SOLVED] Postman Client: "User (role: guests) missing scope (account) error
Ops
I ll comeback to you. I haven't tested "get user details"
Api
Oh i just remembered that I did not try that because in rest api docs, the get account api asks for x-appwrite-jwt
So before making "get account" request, i need createJwt request to get a jwt
Nah, you can use the cookie
Okay doin it right now
Works correctly for get account api
Plz wait i m pasting the headers
Request Headers
Accept: application/json
X-Appwrite-Project: 6469040898e19fe9052c
User-Agent: PostmanRuntime/7.32.2
Postman-Token: 195cc7fa-fe7f-4687-b61b-cd734b3a02bd
Host: cloud.appwrite.io
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: a_session_6469040898e19fe9052c=<cookie stored in postman from prev request of create session with email>; a_session_6469040898e19fe9052c_legacy=<same cookie goes here too>
Response Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Cookie, Set-Cookie, X-Requested-With, Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Headers, Accept, X-Appwrite-Project, X-Appwrite-Key, X-Appwrite-Locale, X-Appwrite-Mode, X-Appwrite-JWT, X-Appwrite-Response-Format, X-SDK-Version, X-SDK-Name, X-SDK-Language, X-SDK-Platform, X-Appwrite-ID, Content-Range, Range, Cache-Control, Expires, Pragma
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Origin: https://localhost
Access-Control-Expose-Headers: X-Fallback-Cookies
Content-Encoding: br
Content-Length: 188
Content-Type: application/json; charset=UTF-8
Date: Tue, 30 May 2023 22:13:01 GMT
Server: Appwrite
Strict-Transport-Security: max-age=10886400
X-Content-Type-Options: nosniff
X-Debug-Fallback: false
X-Debug-Speed: 0.0067610740661621
Response Body
{"$id":"91a35da6-13ef-4355-8c18-d86c743044d9","$createdAt":"2023-05-30T22:10:56.007+00:00","$updatedAt":"2023-05-30T22:10:56.007+00:00","name":"Rhoda","registration":"2023-05-30T22:10:56.006+00:00","status":true,"passwordUpdate":"2023-05-30T22:10:56.006+00:00","email":"leif_herman95@hotmail.com","phone":"","emailVerification":false,"phoneVerification":false,"prefs":{}}
Anything look different to you between the request headers of the get account vs create JWT?
oh no
now createJwt shows 501. wait i ll paste its response too
POST https://cloud.appwrite.io/v1/account/jwt 501 1421 ms
Request Headers
Accept: application/json
X-Appwrite-Project: 6469040898e19fe9052c
User-Agent: PostmanRuntime/7.32.2
Postman-Token: 73b96943-6b66-4583-9cee-28d325a0fc7e
Host: cloud.appwrite.io
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: <session cookie goes here>;a_session_6469040898e19fe9052c_legacy=<session cookie goes here>
Content-Length: 0
Response Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Cookie, Set-Cookie, X-Requested-With, Content-Type, Access-Control-Allow-Origin, Access-Control-Request-Headers, Accept, X-Appwrite-Project, X-Appwrite-Key, X-Appwrite-Locale, X-Appwrite-Mode, X-Appwrite-JWT, X-Appwrite-Response-Format, X-SDK-Version, X-SDK-Name, X-SDK-Language, X-SDK-Platform, X-Appwrite-ID, Content-Range, Range, Cache-Control, Expires, Pragma
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Origin: https://localhost
Access-Control-Expose-Headers: X-Fallback-Cookies
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: br
Content-Length: 96
Content-Type: application/json; charset=UTF-8
Date: Tue, 30 May 2023 22:17:46 GMT
Expires: 0
Pragma: no-cache
Server: Appwrite
Strict-Transport-Security: max-age=10886400
X-Content-Type-Options: nosniff
X-Debug-Fallback: false
X-Debug-Speed: 0.4664580821991
X-Ratelimit-Limit: 100
X-Ratelimit-Remaining: 99
X-Ratelimit-Reset: 1685487600
Response Body
{"message":"JWT authentication is disabled for this project","code":501,"type":"user_auth_method_unsupported","version":"0.10.22"}
ah i get it now from this request
i gonna go enable JWT auth first in the console
really sorry
No worries!
got the JWT
thanks!
[SOLVED] Postman Client: "User (role: guests) missing scope (account) error
Steven, I can see Access-Control-Allow-Origin: https://localhost header in response
is it possible to make such requests from a webapp which is at http://localhost?
Note its on http not https
.
Yep should be fine
Actually I was working on react-native-web
that webapp is hosted on http://locahost:19000
when getting a response from createSessionWithEmail request (REST API), I get the same set-cookie headers in response header, the cookies are not set in cookie storage in web app.
Thats why I guess that by making requests from http:// might be causing this issue (since its the only difference in headers when making the request from postman vs making the same request from webapp)
It might be issue in react-native-web I am not sure.
i am gonna go confirm this first by creating a normal react app hosted on http://
