[repost] /api/catalog/entities returning 401 | Backstage | Page 1

vernal otter Aug 28, 2024, 7:39 PM

#

Our CI/CD pipeline processes rely heavily on validating team names against Backstage's Catalog API.

Since upgrading to v1.28 from 1.23, the /api/catalog/entities endpoint returns a 401. Per a previous post, I've tried adding dangerouslyDisableDefaultAuthPolicy: true to the app config, but that hasn't helped.

Does anyone have insight on this? I'd love to avoid creating a service account and writing a custom JS program just to create a token for each API call to check group names.

lunar meadow Aug 28, 2024, 7:47 PM

#

have you tried setting:

permission:
  enabled: false

turbid basalt Aug 28, 2024, 8:36 PM

#

Hey 👋

Have you already gone over https://backstage.io/docs/auth/service-to-service-auth/ ?

Service to Service Auth | Backstage Software Catalog and Developer ...

This section describes service to service authentication works, both internally within Backstage plugins and when external callers want to make requests.

stoic stag Aug 29, 2024, 5:26 AM

#

Specifically the static access method might be an easy, fast way to get auth going

queen berry Aug 29, 2024, 2:43 PM

#

stoic stag Specifically the static access method might be an easy, fast way to get auth goi...

This is exactly what I implemented for access the backend APIs as well, very straightforward.

vernal otter Aug 29, 2024, 7:53 PM

#

🥲 thank y'all so much for the fix. A static API key like this is exactly what we need

#[repost] /api/catalog/entities returning 401