Infos:
- Used Zammad version: 2.10.x
- Used Zammad installation source: Don’t know tbh… Installed via Console
- Operating system: Ubuntu 18.04
- Browser + version: Chrome, 74.0.3729.157
Expected behavior:
- Delete user_access_token with id
Actual behavior:
- {“error”:“No route matches [PUT] /api/v1/user_access_token/:14”} — for PUT
- {“error”:“Unable to find api token!”} — for DELETE
Steps to reproduce the behavior:
- Create a user_access_token via cURL
- Just follow the API instructions to delete tokens (https://docs.zammad.org/en/latest/api-user_access_token.html#delete)
- Requests made via cURL
Curl to create a token:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://nice.wsrn.support/api/v1/user_access_token');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($ch, CURLOPT_POSTFIELDS, "label=mylbl&permission=ticket.agent&expires_at=null");
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer myToken', //user_agent Token
));
Curl to delete:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://nice.wsrn.support/api/v1/user_access_token/:14');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'DELETE');
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Authorization: Bearer myToken', //user_agent Token
));
$result = curl_exec($ch);
print_r($result);
This code throws either an error for PUT-requests or for DELETE-request. At least DELETE does find the endpoint i’m looking for.
When i was creating the tokens via cURL and went to Profile -> >Token Access, all my tokens didn’t show up anymore. It’s an empty page now with the console saying the following:
application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:61 Uncaught TypeError: i.preferences.permission.join is not a function
at Object.<anonymous> (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:61)
at Object.<anonymous> (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:61)
at Object.JST.app/views/profile/token_access (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:61)
at application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:21
at e.render (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:32)
at e.render (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:32)
at Object.ajax.success (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:32)
at l (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:2)
at Object.fireWith [as resolveWith] (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:2)
at n (application-1e83a3b231f14d15f7ed36de5492c16e0c7c3fdfeaa2decb9636ee506aa760b0.js:3)
Can anyone tell me how do delete Tokens i created via the API? Or maybe even what i did wrong? When i list all my tokens (also via cURL), i still see all of them.
Thank you in advance. 
