I’m using Zammad 6.2.0, and I’m trying to get the list of groups via REST API (/api/v1/groups), but I have "{“error”:“Not authorized (token)!”,“error_human”:“Not authorized (token)!”}`.
The user I’m using to query the Zammad service is listed as Admin, Agent and Customer.
All the other main endpoints work well, so I don’t understand what is going wrong.
Any suggestion about how to fix or how to get a more detailed error?
You may want to share your payload if you expect help with API stuff. No productive data is required.
Here is an example:
% curl --header "Content-Type: application/json" \
--header "Authorization: Token token=xxxxxxx" \
--request GET \
http://localhost:8080/api/v1/groups
{"error":"Not authorized (token)!","error_human":"Not authorized (token)!"}
Hi @fluca1978. Please make sure that admin.group permission is associated with the created token, otherwise you’re faced with this error message.
Thanks @fliebe92 , I’ve already associated the user with the role permission, but apparently this does not work.
Regenrating the token, as in:
curl --header "Content-Type: application/json" \
--request POST \
--data '{ "name": "perl@test", "permission": ["cti.agent","ticket.agent", "admin.group"], "expires_at": "2024-12-21" }' \
-u luca.ferrari3@me:XXXXXXX http://localhost:8080/api/v1/user_access_token
worked. Is there a way to add a permission without having to re-generate a token?
Why associating the user to the role/permission from the web interface does not work for the token?
Hi @fluca1978.
I just used the GUI to create an access token that has admin.group permission set
and used it with curl as follows:
curl --location 'http://localhost:3000/api/v1/groups' --header 'Content-Type: application/json' --header 'Authorization: Bearer xxx'
Works fine.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.