#"You are not allowed to perform this action" issue If we are using api-key to access the APIs

7 messages · Page 1 of 1 (latest)

high zephyr
#

Issue 1:

Initially, We used a label in the authorization header with an API key like " User API-key <api-key> " , It was working fine.

But, Since Yesterday, we have been facing the above error " You are not allowed to perform this action "

then we know about this changes https://github.com/payloadcms/payload/issues/1769

We have to use a collection slug instead of the label in the authorization header. We changed that to "users API-key <api-key>"

We didn't change any version of the payload cms in our system. still we are using "payload": "^1.1.21" version

we are wondering how the changes got updated automatically.

GitHub
Can't get the API key working · Issue #1769 · payloadcms/payload

Bug Report Trying the access the url http://localhost:3000/api/projects/ with the header Authorization: User API-Key f456e511-ee1f-4a1e-821e-9c4ff2cb7c6f always returns You are not allowed to perfo...

whole lark
#

isnt it Users.slug

#

as the collection slug

#

is User a string?

proud schooner
#

If you didn't update your Payload version, you won't want to change to users instead of User. That change was done in 1.4.0

#

It seems like something else is going on here

#

Are you developing locally? Can you open up access to the desired endpoint and verify at least that works?