Even after making user-required=True for a HTTP endpoint, i am able to access it without accesstoken! How can i make it private?

Priyanka_Navgire · 2017-10-11 10:39:50 UTC

@skygear.handler(‘getroles’, method=[‘GET’], user_required=True)

bencheng · 2017-10-11 13:36:35 UTC

rickmak · 2017-10-14 11:39:19 UTC

I tried to make a clean plugin and new skygear DB with version 1.1.2. The behavior is verified as described in the documentation. refs https://docs.skygear.io/guides/cloud-function/http-endpoint/python/

Here is the example response.

$ curl http://skygear.dev/getrole -H "X-Skygear-API-Key: changeme"
$ {"error":{"name":"NotAuthenticated","code":101,"message":"Authentication is required for this action, please login."}}

bencheng · 2017-10-14 13:07:22 UTC

@Priyanka_Navgire sorry may you post more details and the exact way you reproduce the problem so we can look into it?