I am getting Error in reponse to /api/v1/security/users/
I am trying to insert new user with REST API in Apache superset what i did:
I have sent post request to /api/v1/security/login
with json body - I got access_token
this access_token I sent to /api/v1/security/users/ with json body
{
"active": true,
"email": "@",
"first_name": "",
"last_name": "",
"password": "$@",
"roles": [1],
"username": ""
}
in response i get
{
"message": "Forbidden"
}
what i am doing wrong ?
Body looks OK.
Make sure the user you used to validate and get the token has enough permissions.
ALSO, to note, IF you have any kind of external authentication set up (OIDC, OAuth, etc), the Login API WILL NOT work...it WILL generate a token, but the process will fail cause the authentication is actually handled by another provider.
In that case, you HAVE to use the session cookie sent by the provider thru a browser when logging into the system. (we have recently experience a similar issue with OIDC).
You can easily obtain the relevant cookie inspecting the main page while logging in and looking for a /login entry in the network tab of the inspect system.