#Show all entities after switching to new auth

Initially, I had something like listed here under "New Backend System Setup": https://github.com/backstage/backstage/blob/master/contrib/docs/tutorials/authenticate-api-requests.md#new-backend-system-setup. This (as far as I can tell) lead to all entities being returned from the catalog by default. But this approach is no longer recommended as stated.

I recently switched to the new auth as outlined here: https://github.com/backstage/backstage/tree/master/beps/0003-auth-architecture-evolution#dependencies.

Now I see way fewer entities, I guess only the ones owned by the current logged in user. This is expected and probably more correct, but for compatibility I need to be able to return all entities for now. How can I adjust the catalog in the backend to return all entities, even with the new auth in place?

Show all entities after switching to new auth

Hi @warped breach, there’s nothing in the auth changes that would have cause this change in behaviors as best I know. I’m wondering if maybe the owned filter in the catalog got changed at some point? https://backstage.io/docs/features/software-catalog/catalog-customization#initially-selected-filter

@ripe wind thanks for the quick reply. I think it must be backend related instead of just a FE issue as I cannot see the entities even when I adjust the filters. And I see in the network requests that the entities are missing. To give more context, in the old way of doing auth, the issue starts to occur specifically at the moment I remove these two lines:

try {
  // Attempt to authenticate as a frontend request token
  await identity.authenticate(token);
} catch (err) {
  // Attempt to authenticate as a backend request token
  await tokenManager.authenticate(token);
}

This actually confused me, because I didn't expect these two functions to have any side effects. But as soon as this code block is gone, I get this reduced view.

To switch to the new auth I of course fully removed the authMiddlewareFactory.ts and customRootHttpRouterService.ts

I managed to track down the issue now. I had a PermissionPolicy that checked this ownership and prevented the entities from being returned. I am just not sure why the code from the old auth system seemed to disable this permission policy. Thanks for the help!