usergrid collection permission not working
I have created user name abcdef and added permission for that user for concerts collection as
When I query for concerts, I expect it to return nothing but it returns all concerts entity. Is there something that I am missing on applying permission
curl -XGET
http://api.usergrid.com/***/***/concerts?access_token\=YWMt8zqr5FqqEeWmj-Oi1e6IqAAAAU_unlN_XnYvv7TeJszcL1o0cEPNYfmWJIw
Filed under USERGRID-1020
There are two reasons that might cause this. First, default sandbox permissions may still be set up on your app:
You'll need to remove this or set them all to no.
Second, and more importantly, applying the permissions directly to the user doesn't appear to be working (?!) and I don't know if this is by design or not. To test this, I duplicated your scenario, and am seeing the same result. To work around it (which actually is more of a security best practice anyway) I created a group with the desired permissions and added the user to the group:
- Generate JWT Token in Keycloak and get public key to verify the JWT token on a third party platform
- Apigee Pre-Flight Options Requests
- Base64 encoding in an Apigee Edge policy
- In APIGEE, with a proxy URL, how would I find out which Product(s) is it a part of?
- In Apigee, how can I access callout response in javascript policy
- Returning Large Payload with apigee Proxy
- APIGEE - Default values in destructuring declarations are not supported
- Clearing the entire cache in Apigee
- Issue reaching my Apigee proxy via Spring RestTemplate PUT method
- Apigee X Task trigger call from external application
- Is there any fixed range or pattern in source IP address of APIGEE endpoint? Is it static or it changes?
- Apigee Edge SSL Handshake failed for TCP
- what are mandatory elements in OpenAPI spec
- How to create two basepaths on one Apigee API Proxy
- Apigee Proxy passing same host header to target
- APIGEE configuration: how to handle CORS error
- Mirgrate from apigee edge to apigee x
- How to make async rest call from a synchronous APIGEE Integration?
- One Apigee Api Proxy with a different target endpoint for each environment
- How to communicate nginx Bad Gateway to client
- Apigee edge-message-processor Error while starting up
- Apigee HTTPBasicAuth timing out
- APIGEE: ExpiryTimeInSecs in KeyValueMapOperations Policy
- how to read variable in assign message policy in APIGee
- How to make http request in Apigee JavaScript policy?
- Apigee - setting cookie in the redirect request header of Apigee that was set earlier by the application
- How to add extension to apigee-emulator on local environment?
- Apigee SpikeArrest Sync Across MessageProcessors (MPs)
- In Karate framework, How to retrieve APIGEE token generated out of SHA256 encrypted libraries?
- Apigee errorcode: steps.servicecallout.ExecutionFailed - Reason: ResponseCode 400 is treated as error