I installed eJabberd 16.2 on my machine. I am trying to access the api through Postman. When I use Basic Auth everything is working fine.
I managed to get a token through the page: http://localhost:5280/oauth/authorization_token?response_type=token&client_id=Client1&scope=get_roster+sasl_auth
But every time I try to access the api with the token by adding and Authorization field to headers of the request with a value of: "bearer s7rjU649vlnVZUzaGXDtNdLQ1I4r7V2R", I get error code 32: "AccessRules: Account associated to token does not have the right to perform the operation."
This is the config in eJabberd.yml file:
-
port: 5280
module: ejabberd_http
request_handlers:
"/http-bind": mod_http_bind
"/websocket": ejabberd_http_ws
#"/log": mod_log_http
# ##OAuth support:
"/oauth": ejabberd_oauth
# ##ReST API:
"/api": mod_http_api
## "/pub/archive": mod_http_fileserver
web_admin: true
http_bind: true
http_poll: true
register: true
captcha: false
commands_admin_access:
- allow:
- user: "admin@HASOON"
commands:
- add_commands: [user, admin, open]
oauth_expire: 3600
oauth_access: all
api_permissions:
- "Admin access":
- who:
- admin
- what:
- "*"
- "!stop"
Any idea why I fail to use OAuth token.