You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
using an api key created with empty admin and scope=1 returns: error: the admin associated with the provided api key cannot be authenticated, although it mentioned in the api doc : admin (string): admin associated with this API key. If empty and the scope is "admin scope" the key can impersonate any admin
Steps to reproduce
having an admin user with Allow to impersonate the user, in REST API, with an API key checked
create an api key using: curl -s -k -X POST "https://sftpgo.example.com/api/v2/apikeys" -H "Content-Type: application/json" -H "Authorization: Bearer <token>" -d '{"name": "key1", "scope": 1, "admin": ""}'
try to add a user using that api key: curl -s -k -X POST "https://sftpgo.example.com/api/v2/users" -H "Content-Type: application/json" -H "X-SFTPGO-API-KEY: <apikey>" -d '{"username": "test", "password": "****", "status": 1, "quota_size": 1000000000, "permissions": {"/": ["*"]}}'
response: error: the admin associated with the provided api key cannot be authenticated
although it mentioned in the api doc : admin (string): admin associated with this API key. If empty and the scope is "admin scope" the key can impersonate any admin
the solution is also in the doc: If no admin/user is associated to the provided key you need to add ".username" at the end of the key. For example if your API key is "6ajKLwswLccVBGpZGv596G.ySAXc8vtp9hMiwAuaLtzof" and you want to impersonate the admin with username "myadmin" you have to use "6ajKLwswLccVBGpZGv596G.ySAXc8vtp9hMiwAuaLtzof.myadmin" as API key
abdeldjalil-fellah
changed the title
[Bug]: the admin associated with the provided api key cannot be authenticated
the admin associated with the provided api key cannot be authenticated
May 20, 2024
abdeldjalil-fellah
changed the title
the admin associated with the provided api key cannot be authenticated
The admin associated with the provided api key cannot be authenticated
May 20, 2024
Bug description
using an api key created with empty admin and scope=1 returns:
error: the admin associated with the provided api key cannot be authenticated
, although it mentioned in the api doc :admin (string): admin associated with this API key. If empty and the scope is "admin scope" the key can impersonate any admin
Steps to reproduce
Allow to impersonate the user, in REST API, with an API key
checkedcurl -s -k -X POST "https://sftpgo.example.com/api/v2/apikeys" -H "Content-Type: application/json" -H "Authorization: Bearer <token>" -d '{"name": "key1", "scope": 1, "admin": ""}'
curl -s -k -X POST "https://sftpgo.example.com/api/v2/users" -H "Content-Type: application/json" -H "X-SFTPGO-API-KEY: <apikey>" -d '{"username": "test", "password": "****", "status": 1, "quota_size": 1000000000, "permissions": {"/": ["*"]}}'
response:
error: the admin associated with the provided api key cannot be authenticated
although it mentioned in the api doc :
admin (string): admin associated with this API key. If empty and the scope is "admin scope" the key can impersonate any admin
Expected behavior
the key can impersonate any admin
SFTPGo version
SFTPGo 2.6.0 19e9857
Configuration
The text was updated successfully, but these errors were encountered: