DSP descript that enable guest user to allow access to applications and services without authentication In admin console Config->Guest User,
So I enable the option Allow Guest User and I think I can download files using brower without authentication. Unfortunately, I get a error response , and it seems I need seesionid using /user/session API still.
Am I misunderstand or missing something?
Actually, I just want to download files by brower using service filesâs live API without authentication.
No misunderstanding, as far as I know. You should have no problem allowing guest access to a file storage service. Hereâs an example.
I will use local file storage. I create a subfolder called images, put a PNG file into /dsp/platform/storage/images and verify itâs present in the Files UI in my DSP admin console:
[The image you are requesting does not exist or is no longer available]
I then test to verify the image is accessible by retrieving it via API Docs:
[The image you are requesting does not exist or is no longer available]
Thatâs my image, so I know weâre good to go. Now I open a separate browser (which will act as the client in this example) and try to get the same image.
[The image you are requesting does not exist or is no longer available]
This is just as expected, since I donât have guest access configured to access local storage, and I didnât login from the other browser. (Note that I already have an API key called âdemoâ set up, so Iâm just using that.)
So now I create a role called âdownloadâ that will be allowed to GET local storage files:
[The image you are requesting does not exist or is no longer available]
And I configure it to have GET access to the images container
[The image you are requesting does not exist or is no longer available]
And on the Apps sub-tab under the role, I select the app name that corresponds with the API key Iâm using, âdemoâ:
[The image you are requesting does not exist or is no longer available]
Then I configure Guest Users to drop guests into the role âdownloadâ:
[The image you are requesting does not exist or is no longer available]
Now I try the same call again from the other browser:
[The image you are requesting does not exist or is no longer available]
And thereâs my image.
Let me know what step(s) youâre having difficulty with.
1 Like
I have sloved it following the steps,thanks!
Hi,
Iâm having the same issue with guest user access.
I have followed these steps:
- added a new user called Guest User with service database access to âtodoâ (GET/POST) for API+SCRIPT.
- under Config->Guest User checked of âallow guest usersâ and selected the new role âGuest Userâ as the guest user role.
- added the Guest User as role for the todoquery app (actually did this in the role definitionâŚ)
- for test purposes I also added CORS access * for all verbs (to ensure Chrome Postman is not rejected)
- test http://104.XXX.XX.133:80/rest/db/todo?app_name=todoquery with sessionID returns current todo records.
- test http://104âŚXXX.XX.133:80/rest/db/todo?app_name=todoquery without sessionID returns a (403) âAccess to application âtodoqueryâ is not provisioned for this userâs role.â.
Any clues?
Cheers,
Are you sure youâve created the API key âtodoqueryâ? There is an example app name thatâs âtodojqueryââmaybe a typo?