I would like to establish an "admin" user to administer a group of users. When I create a new user I give the admin read and write privileges. The user listing on the console shows that the admin does have r/w privileges. The problem is that when I try to update the user I get an Invalid Credential error. I'm using the admin's token to try to update the other user's information (e.g., his email). I get the same error using the API Console. I only seem to be able to update the user information when sending the token for that particular user. Can you tell me what credentials I need to send?
Hi Dawn, there's something fishy going on, then -- you should not be seeing InvalidCredentials if the auth token is valid. Could you double check that you are submitting the exact same authorization header in both the case that works and the case that does not?
Once you've double checked, can you paste the requests and responses (including the URLs you are hitting, the headers and the bodies) for both cases (success and failure) in this thread, so that I may gain more insight into the problem? if you are concerned with exposing the auth tokens, feel free to send this info to me as a private message.
over 8 years ago
I'm seeing the InvalidCredentials error. The token seems to be fine because I'm able to use it to update the admin user's information. Just not another user. Also discovered that I could not retrieve the other user's information (same InvalidCredentials error). If I change the user collection permissions to Shared then I can retrieve the user info, but I would prefer to keep the permission as Private. Doesn't solve the update issue though.
over 8 years ago
The scenario you are describing sounds correct. Are you seeing an InvalidCredentials error, or is it an InsufficientCredentials error?
If you are seeing an InvalidCredentials error, it would mean that you are not authenticating correctly as the admin user-- perhaps the auth token for your admin user is invalid?