Using jwt token on POST request to api/v2/* #12564
Unanswered
cristianleonie-geos
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I am using jwt tokens to access the geonode backend without interfacing with the browser, my configuration is using:
rest_framework_simplejwt.authentication.JWTAuthentication
AUTH_EXEMPT_URLS = ("/api-token-auth/*", )
ENABLE_APIKEY_LOGIN=True
LOCKDOWN_GEONODE=True
This is working great for blocking access to any endpoint if not authorized, and allows me to interact without issues with my own endpoints. However when I try to add data in the form of POST request to geonode resources I have an authentication error
For example
Request:
GET .../api/v2/maps (with bearer token)
Response:
200
Request:
POST .../api/v2/maps (with bearer token)
Response:
{
"success": false,
"errors": [
"Authentication credentials were not provided."
],
"code": "not_authenticated"
}
Could it be related to CRSF safety? I get it when using a "static" api key, but shouldn't I be able POST as my jwt token also expires?
Beta Was this translation helpful? Give feedback.
All reactions