I’m creating an external website that will hook into the Frappe framework and a custom app and am having some issues with permissions.
I’m able to connect via API and get documents with frappeclient - however, when I set permissions to “System User”, the test user is able to retrieve all documents - not just their own documents. When set to “Website User”, the API raises an AuthError.
Is there a workaround to this? I’d like to have the user be a “Website User”, and be able to retrieve documents that they are tagged in - such as sales order, and additional docs in the custom app.
Alternatively, will I have to create a separate user type, such as “API/External User”?
Thanks for your help