Puzzling Errorr messages with API requests, need real reason why API request fails

I have an ERPNext cloud instance, and API requests with ‘token’ based as well as ‘Basic’ authorisation works well. I’m using Postman to test my requests.

When doing similar requests (with other credentials of-course) on my freshly installed bitnami ERPNext instance (on debian-amd64 Buster), I don’t seem to get these API requests working.
In the browser everything works fine, I can got to my /desk, change settings, create users, assign roles and generate API keys.

When testing the API requests on this new instance, I always get ‘User do not have doctype access via role permission’.
This sounds like a ‘role’ issue problem, but if I deliberately use wrong credentials, I got the the same error message, so definitely the error message are not always correct (role permissions can only be checked after correct credentials, right?)

Anyway, my user account has all roles checked that are needed.

So I’m left with these questions

  • Does it matter that my ERPNext instance is on another port (8080)?
  • Is there any user setting (or system setting) that you have to do to accept ‘token’ based or ‘Basic’ authorization?
  • Does it matter that I’m requesting from an IP address instead of a domain name ( instead of erpnext.mycompany.com)?

And any other thoughts on this issue is highly appreciated.

to my knowledge, the answer to all three questions is NO. I think they have nothing to do with your error…
so, you will have to look into more reasons why this is happening.

Not necessarily, if you are calling a whitelisted function that has “allow_guest=True” set, I think credentials are not checked.

1 Like