API works in browser but throws 403 on Postman | Payload | Page 1

honest cloud Jun 17, 2024, 6:50 AM

#

I'm attempting to use the REST API outside of the browser but there are many questions.

How do you use the User's API-KEY in the authorization header? There is no documentation on that.
Every request from Postman returns 403: Forbidden even through the same request work in the browser there the same user is logged in. It doesn't even seem to reach API key authentication and is immediate.

I there proper documentation on how to actually use the API which seems to be an important feature of PayloadCMS?

prisma muskBOT Jun 17, 2024, 6:50 AM

#

Help is on the way! To mark it as solved, use the /solve command. In the meantime, here are some existing threads that may help you:

Documentation:

polar steeple Jun 17, 2024, 7:27 AM

#

 headers: {
      Authorization: `JWT ${token}`,
    }
  });

@honest cloud

replace token with the one your received from login endpoint.

#

honest cloud Jun 17, 2024, 7:34 AM

#

I would like to use the User API key shown in the admin dashboard.

honest cloud Jun 17, 2024, 7:35 AM

#

I tried this but also have 403 immediately.

polar steeple Jun 17, 2024, 7:40 AM

#

for those API keys, header value is different

const response = await fetch('http://localhost:3000/api/pages', {
  headers: {
    Authorization: `users API-Key ${YOUR_API_KEY}`,
  },
})

#

honest cloud Jun 17, 2024, 7:55 AM

#

I see, yes that works finally.