strapi-plugin-navigation: Forbidden with Authorization header

I cannot access navigation when i pass the Authorization header. I’ve tried to enable the render permission to the Authenticated role but it doesn’t work.

I’m missing something or it’s a bug?

curl "http://localhost:1337/api/navigation/render/albero?type=tree" \
     -H 'Authorization: Bearer *************'
{
  "data": null,
  "error": {
    "status": 403,
    "name": "ForbiddenError",
    "message": "Forbidden",
    "details": {}
  }
}

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Comments: 15 (5 by maintainers)

Most upvoted comments

I just retested, it seems that with a read only API key i cannot auth, but with a full access its possible, is this intended?

I tried right now to create another api token and it works, the previous one still works with other strapi calls but not with call to the navigation endpoint. (The previous token for what I rember was created before installing the plugin).
Will do another test later on both dev and production server

The Authenticated access is also supported as that is Strapi default (we don’t have any logic on top). Worth to verify.