Skip to content
Start building
Back

401 Unauthorized

  • 0
  • Databases
  • Web
View on Discord
Honzosaurus_3.1415926535
4 Mar, 2024, 10:43

So I'm using appwrite for the first time and am trying to insert something to my db, however, I keep getting this error in the console: AppwriteException: The current user is not authorized to perform the requested action.at Client.<anonymous>

I'm inserting the data without any user auth on the website - do I have to make an auth system? Or is there just something wrong with my api keys?

Also here's my code (I'm using SvelteKit):

TypeScript
<script>
  import { Client, Databases, ID } from "appwrite";
  import { client } from "$lib/appwrite";
  import {
    PUBLIC_APPWRITE_DB,
    PUBLIC_APPWRITE_COLLECTION,
  } from "$env/static/public";
  let val= "";

  const databases = new Databases(client);
  function submit() {
    const promise = databases.createDocument(
      PUBLIC_APPWRITE_DB,
      PUBLIC_APPWRITE_COLLECTION,
      ID.unique(),
      { url: "test data", hash: "test data" },
    );

    promise.then(
      function (response) {
        console.log(response);
      },
      function (error) {
        console.log(error);
      },
    );
  }
</script>
    <form
      on:submit={(e) => {
        e.preventDefault();
        submit();
      }}
    >
        <input
          bind:value={val}
          type="text"
        />
        <button type="submit">submit</button>
    </form>
TL;DR
Developers are getting a 401 Unauthorized error when trying to insert data into the database without user authentication. The solution is to create a session using the Account API before using the Databases APIs. This error occurs because the current user is not authorized to perform the action. Logging the user in before database access is necessary.
darShan
4 Mar, 2024, 10:44

Did you create a session using Account API before using the Databases APIs?

Honzosaurus_3.1415926535
4 Mar, 2024, 10:44

I think I did

darShan
4 Mar, 2024, 10:45

Umm no, I dont see any login. See - https://appwrite.io/docs/products/auth/email-password

Honzosaurus_3.1415926535
4 Mar, 2024, 10:45
TypeScript
export const account = new Account(client);
Honzosaurus_3.1415926535
4 Mar, 2024, 10:45

So I have to log the user in before they can use the db?

darShan
4 Mar, 2024, 10:46

If the Databases permissions are set to Users.

Honzosaurus_3.1415926535
4 Mar, 2024, 10:46

But how can I set the db permission so anybody can access it?

darShan
4 Mar, 2024, 10:48

Your Database > Your Collection > Settings > Permissions > Manage the Permissions.

However, granting read/write/update permissions to Any, Guest, All Users isn't a good security practice. What are you trying to do?

Honzosaurus_3.1415926535
4 Mar, 2024, 10:49

Well thanks for that, this is just kind of a test project, so just a few ppl will look at it and have the access to the db therefor, you don't have to be worried about spam/bots

darShan
4 Mar, 2024, 10:51

In that case, you could still do this - Permissions > All Users > Select permissions.

Ofc. this would require the users to register & login. For registration, you can manually add the users via Auth dashboard & mark them as Verified.

Honzosaurus_3.1415926535
4 Mar, 2024, 10:51

And if I'd do guest, anyone would have access to it without auth?

darShan
4 Mar, 2024, 10:52

There a few gotchas here, for better info. see this doc - https://appwrite.io/docs/advanced/platform/permissions#permission-roles

Honzosaurus_3.1415926535
4 Mar, 2024, 10:53

alright, thanks

Reply

Reply to this thread by joining our Discord

Reply on Discord

Recommended threads

Need support?

Join our Discord

Get community support by joining our Discord server.

Join Discord

Get premium support

Join Appwrite Pro and get email support from our team.

Learn more