I am getting error AccessRules: Account does not have the right to perform the operation when I am using postman to hit the register api of ejabberd.

[Rishabh31User]

What version of ejabberd are you using?

17.04

What operating system (version) are you using?

ubuntu 16.04

How did you install ejabberd (source, package, distribution)?
package

What did not work as expected? Are there error messages in the log? What
was the unexpected behavior? What was the expected result?

I used postman to make a HTTP request to ejabberd register api. The ejabberd is set up and the admin is running properly at the url - http://localhost:5280/admin.

The Url of http request is - http://localhost:5280/api/register
Body - {
"user": "bob",
"host": "example.com",
"password": "SomEPass44"
}
Header - [{"key":"Content-Type","value":"application/json","description":""}]
Response - {
"status": "error",
"code": 32,
"message": "AccessRules: Account does not have the right to perform the operation."
}
MY YML FILE IS ATTACHED AS TXT. PLEASE ANY HELP WILL BE APPRECIATED:
ejabberd.txt

Is anything else is required.

[prefiks]

Add this to your config file:

api_permissions:
  "loopback access":
    who:
      - ip: "127.0.0.1/8"
    what:
      - "register"

[prefiks]

Ah was looking at wrong config file, you already have api_permissions section, just drop "register" to public commands what list

[Rishabh31User]

My api permissions of yml now look like this after the change you said. But still it is showing the same problem.

{
    "status": "error",
    "code": 32,
    "message": "AccessRules: Account does not have the right to perform the operation."
}

api_permissions:
  "console commands":
    from:
      - ejabberd_ctl
    who: all
    what: "*"
  "admin access":
    who:
      - access:
          - allow:
            - ip: "127.0.0.1/8"
            - acl: admin
      - oauth:
        - scope: "ejabberd:admin"
        - access:
          - register: 
              - all: allow
          - allow:
              - ip: "127.0.0.1/8"
              - acl: admin
    what:
      - "*"
      - "!stop"
      - "!start"
  "public commands":
    who:
      - ip: "127.0.0.1/8"
    what:
      - "register"
      - "status"
      - "connected_users_number" 

I am using http request via postman

[prefiks]

Are you connecting to address to 127.0.0.1 or trying to access that from different machine?

Can you change loglevel in ejabberd.yml to 5 execute command and show what you call adds to ejabberd logs?

[Rishabh31User]

OK. I again tried register command . I am attaching the logs generated for this particular hit. I am using same address.
error.txt
ejabberd.txt

[prefiks]

Yeah your config is wrong

Probably you want this:

api_permissions:
  "console commands":
    from:
      - ejabberd_ctl
    who: all
    what: "*"
  "admin access":
    who:
      - access:
          - allow:
            - ip: "127.0.0.1/8"
            - acl: admin
      - oauth:
        - scope: "ejabberd:admin"
        - access:
          - allow:
              - ip: "127.0.0.1/8"
              - acl: admin
    what:
      - "*"
      - "!stop"
      - "!start"
  "public commands":
    who:
      - ip: "127.0.0.1/8"
    what:
      - "status"
      - "register"
      - "connected_users_number"

[nikhil290892]

I am getting below error in the ejabberd.log after making suggested changes. Attaching ejabberd.log and ejabber.yml(ejabberd.txt)
ejabberd.txt
ejabberd.log

[prefiks]

change loopback in acl to this:

  loopback:
    ip:
      - "127.0.0.0/8"
      - "::1/128"
      - "::FFFF:127.0.0.1/128"

and use this api_permissions:

api_permissions:
  "console commands":
    from:
      - ejabberd_ctl
    who: all
    what: "*"
  "admin access":
    who:
      - access:
          - allow:
            - ip: "127.0.0.1/8"
            - acl: admin
      - oauth:
        - scope: "ejabberd:admin"
        - access:
          - allow:
              - ip: "127.0.0.1/8"
              - acl: admin
    what:
      - "*"
      - "!stop"
      - "!start"
  "public commands":
    who:
      - acl: loopback
    what:
      - "status"
      - "register"
      - "connected_users_number"

[nikhil290892]

Thanks. The above solution worked and it is working on my local machine.

But when I try to do this in live environment, I am getting below error

2018-01-08 16:17:03.668 [error] <0.1988.0> ** Connection attempt from disallowed node 'd79c0fc2-ctl-ejabberd@localhost' **

My server is Ubuntu16.04 hosted on AWS.

[zinid]

This is a problem with a cookie file. It's located in a home directory and called .erlang.cookie. The cookie files must match in order to perform the connection from one node to another (note that ejabberctl command creates a temporary node and connects to running ejabberd node).

[nikhil290892]

How can I match the code in it?

Earlier I was using Ejabberd 17.01 and updated to Ejabberd 17.04. Is this why I am getting this error?

[nikhil290892]

ejabberd.txt
Also, getting below error after doing fresh installation

Application ejabberd exited with reason: {{shutdown,{failed_to_start_child,ejabberd_listener,{shutdown,{failed_to_start_child,{5281,{18,220,204,243},tcp},{eaddrnotavail,{5281,{18,220,204,243},tcp}}}}}},{ejabberd_app,start,[normal,[]]}}

Attaching ejabberd.yml

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.