You don't have permission to perform this operation

MarkLyck · October 31, 2020, 1:24am

I’m switching from using a 3rd party graphql request module to the one built into context.

It works fine locally, but when my custom function is triggered by a webhook I get the error: “You don’t have permission to perform this operation”

I added an authorization token to my request with permissions for everything (same token I used for the old request module that worked fine)

It’s added like so:

await ctx.api.gqlRequest(SUBSCRIPTION_UPDATE, {
        subscription: newSubscription,
        customerID,
        type: 'paused'
      }, { authorization: process.env.INTERNAL_API_TOKEN });

I have tripple checked and the process.env.INTERNAL_API_TOKEN does exist, I can console log it just fine in production and it’s correct.

I’m struggling to figure out why I’m getting a permissions error on this.

I tried changing it to { authorization:Bearer ${process.env.INTERNAL_API_TOKEN}}) with no luck.

MarkLyck · October 31, 2020, 3:44pm

Tried creating a new role with full permissions to everything, and a new API token for that role.

But it’s still getting the same permissions error

@sebastian.scholl any idea what’s going on. This is now a production issue for me, as I can’t revert to the previous one due to this other unrelated issue: Graphql-request - Cannot find name 'RequestInit'

MarkLyck · November 2, 2020, 12:58pm

@ilya.8base would really appreciate some help on this one. Still a production issue, my. webhook has already missed +100 events

eugene.antonevich · November 3, 2020, 6:21pm

Could you wrap the object ‘{ authorization: token }’ into ‘{ headers: { authorization: token } }’ and try one more time?

MarkLyck · November 3, 2020, 6:56pm

@eugene.antonevich Thank you so much!

That solved it for me!!!