Create only One Public API

How to create a single public api using roles. Added a guest role & allowed access to component “*” for a service. It worked without login.

But when I change the component from * to a specific component say “_table/department/*”, its returns 401 Unauthorized.

Would be great if somebody could help me on this.

What version of DreamFactory are you working on?

We had a report similar to this which was fixed late last month. So, if you ran a git pull, it would get the latest code with the fix.

Please let me know about the version and I can guide further.


Hey @sridharsa,

Thanks for the reply. I have installed the DreamFactory through Bitnami Installer.

DreamFactory shown on the admin panel is 2.0.2

@tejas I duplicated this issue and will be filing a bug.
I was able to work around this issue though by changing the component access to “_table/department/” instead of “_table/department/*”

This is not a bug. The way the role access configuration works is thus.
_table/department/ allows you access to items at that level of the API (think like folder paths.) Get all records, user filters, etc.
_table/department/* allows you access to items in the next level of the of REST path. For SQL tables this individual records by id. I.e. GET on _table/department/4 retrieves the record whose ID is 4.

Hey @drewpearce,

Thanks for the info on how the Roles work.

My scenario is as follows:

  • Have 2 tables named X & Y
  • X have a Foreign Key Constraint on “id” from Y, named Y_ID.
  • I am fetching the records in X by joining it with Y(Getting “name” from Y)
  • I set the GET access to these 2 “_table/X” & “_table/Y” for a GUEST role.

Still getting the error "GET access to component ‘/_table/Y’ of service ‘XYZ’ is not allowed by this user’s role."
Error Code is 403

How can I handle this situation?

in your role, try adding access for both _table/Y and _table/Y/*

Hey @drewpearce,

Tried what you recommended. Didnt helped much.
Is the sequence of the provided access important?