semaphore icon indicating copy to clipboard operation
semaphore copied to clipboard
verified publisher icon semaphoreui

API: access tokens require admin permission for post/delete

Open steadfasterX opened this issue 2 years ago • 1 comments

semaphore version 2.8.92

This is not a bug report but more a feature request.

Reproduce steps:

  1. Add a local user account and link it to a project.
  2. Grant this user the owner role
  3. Create an api token as described in the docs
  4. Try to create a template

Result: 403 not authorized

I have tested only template creation as of now but i assume this is for any api post / delete call.

Workaround: make this account an admin account

I guess this is expexted atm bc RBAC is not fully implemented yet but a hint in the docs would be fine and I want to ensure to keep track of tokens in rbac :)

steadfasterX avatar Aug 04 '23 04:08 steadfasterX

@steadfasterX is it actual?

fiftin avatar Nov 05 '25 18:11 fiftin