Zammad ignores REMOTE_USER in api calls?

Technical assistance
1

Infos:

  • Used Zammad version: 4.0.1
  • Installation method (source, package, …): Package
  • Operating system: Debian 10
  • Database + version: Postgres 11
  • Elasticsearch version:
  • Browser + version: Curl

Expected behavior:

  • Zammad uses REMOTE_USER set by NGINX

Actual behavior:

  • Zammad uses authorisation

Steps to reproduce the behavior:

  • Set up Zammad with Authorisation by Webserver (e.g. TLS Client Certificate)
  • call any /api URL

Is this really intended behaviour?

2

Yes that’s intended. Use token based authentication for API calls.

3

This topic was automatically closed 120 days after the last reply. New replies are no longer allowed.