Get started
We are having lots of fun on Discord. Come and join us!
Star on GitHub 45.1K Get started
Back

The current user is not authorized to perform the requested action - even using API key!!

  • 0
  • Databases
  • Flutter
  • Self Hosted
  • REST API
View on Discord
mav8rick
6 Feb, 2024, 16:20

I am on Appwrite 1.3.7 I know this is a common newbie mistake and I have looked through the previous postings. I am not a new user - been hacking away on it for the last 6 months.

I have a strange situation where I have collection A which has relationships to B, C and D. Now, if I create a document (say... through REST) without any "children" (no B, C and D), I can read and update OK. However, when I create a document that has the relationship attribute filled in, I get a 401 error. I'm 100% sure I got the permissions part correct - see attached picture and I'm 100% sure the fallback_session cookie belongs to the right user (the righ team) Now, through a REST client, I can do a GET of a document A (system OK) but when I try to update (that's a PATCH), I hit into a 401 error. Have looked through all the B, C and D collections to enable at least READ security but I can't overcome it.

Does this mean that if B has a relationship to C (one-way), if I am to be able to update B, I must have update access to C?

Is there anything else I can try? Any tips would be very much appreciated.

PS I did not turn on document security for any of the collections.

PSPS I have an update - now I'm using an API key and I still get "user_unauthorized" error!

TL;DR
Title: User authorization issue even with API key Message: I am experiencing a 401 error when trying to perform certain actions with my API key. Specifically, when creating a document that has a relationship attribute filled in. I have checked and confirmed that my permissions are set correctly and that the fallback_session cookie is associated with the right user and team. I can successfully retrieve documents through the REST client, but updating them results in a 401 error. I have also ensured that the related collections have at least READ security enabled. Is there anything else I can try? I am now using an API key and still encountering the "user_unauthorized
mav8rick
6 Feb, 2024, 16:50

The current user is not authorized to perform the requested action - even using API key!!

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more