#Catalog endpoint returning 403 after migrating to version 1.18.0 and new backend system

Hi, I updated version to 1.18.0 and migrated to new backend system, but still using legacy plugins due to customizations. I also enabled dangerouslyDisableDefaultAuthPolicy which removed 401 errors that I was getting for all the backend calls. But catalog is returning 403 with error message "this endpoint does not allow 'service' credentials" and error.body.request.url is /authorize so it looks like catalog plugin is calling /authorize and that is giving error? The endpoint being called from UI is /entity-facets and /entities. How do I fix this issue?

Also, I'm using the old style keys config in backend.auth.keys

facing the same issue here

Looks like issue #25432 is describing exactly what I am experiencing, but the comment just recommends to try upgrading to 1.28. Is there any other way to fix this without 1.28 upgrade? It's gonna take me some time to upgrade to 1.28 as Im on 1.18 and slowly upgrading to latest.

@visual atlas mind sharing your backend.auth.externalAccess big man?

Not using externalAccess atm. Still using old style key configs since I'm only using legacy plugins

upgrading to 1.28.0 didnt solve my issue

Ah ok, hoping they can provide with a solution

Hi @visual atlas, as I recommended before - #1265703362217640008 message - you're better to start from scratch then slowly going version by version. It's pretty hard to help you as you are needing those who would help you to go back in time ten months. My memory is just not that good sadly 😦

Also, this config - dangerouslyDisableDefaultAuthPolicy - was added in 1.24.x . That it has any impact at all tells me that your Backstage instance is in some un-healthy state and not on the version you think it is.

Hi @swift reef, are you also upgrading from a very old version? If so then the same recommendation would apply, sorry.

i upgraded from 1.24.0 sir