Does the API user have to have full system access?

johnwick · September 15, 2023, 11:29pm

I’ve created a role specifically for the API user to limit possible security issues. However, even with all boxes checked, it’s unable to connect to Mautic, producing a 401 access denied error, unless granted full access.

When I give it the Administrator role, everything works fine.

What’s going on here? Bug? Feature?

mzagmajster · September 17, 2023, 6:24pm

That might be true for some endpoints, but not for all in my opinion. Just now I am looking into LeadApiController and see that the controller actually checks for leda:leads permissions.

Topic		Replies	Views
Unable to create Lead through API Development	5	623	February 2, 2020
Error 403 at creating a lead with api Product Support	2	542	March 2, 2017
Can't get apitester working Product Support	0	392	December 13, 2020
token_rejected Product Support	2	207	April 3, 2016
Mautic api 401 unauthorised while connecting mautic in pabbly Product Support	1	110	April 4, 2024

Does the API user have to have full system access?

Related topics