Project

General

Profile

Forums » Help »

API get users issue

Added by Anonymous over 10 years ago

Hi!
I'm using API to get users list. So, url is: my.redmine/users.json using header-authentication. When I make request, I'm getting response of 403(no matter user role of key owner - tried for regular user, admin, superadmin).
While requesting for my.redmine/users/current.json or my.redmine/users/55.json (using same key as in request above) is valid and returns data for key owner.
I've searched forum and found several similar issues, but seems authors haven't solved it yet(or didn't responded here about).
Redmine version is 1.2.2, but documentation says that this feature been applied earlier, in 1.1


Replies (1)

RE: API get users issue - Added by Anonymous over 10 years ago

Well, I figured out what is happening. I used a browser extension to perform requests(Chrome - Advanced Rest Client). So, I was logged in as a regular redmine user while sending requests with admin key. And there conflict took a place - browser-performed request not only with a header-placed key, but also adding currently logged in redmine user authentication data. So redmine used weaker access rights(or something like that). Performing non-browser request(php/curl) worked well for me. Hope this will help somebody.

At brief: you should not be logged in to redmine while calling API.

    (1-1/1)