Even after making user-required=True for a HTTP endpoint, i am able to access it without accesstoken! How can i make it private?


@skygear.handler(‘getroles’, method=[‘GET’], user_required=True)



HI @Priyanka_Navgire,

I tried to make a clean plugin and new skygear DB with version 1.1.2. The behavior is verified as described in the documentation. refs https://docs.skygear.io/guides/cloud-function/http-endpoint/python/

Here is the example response.

$ curl http://skygear.dev/getrole -H "X-Skygear-API-Key: changeme"
$ {"error":{"name":"NotAuthenticated","code":101,"message":"Authentication is required for this action, please login."}}


@Priyanka_Navgire sorry may you post more details and the exact way you reproduce the problem so we can look into it?